JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.95

104.207.52.95 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 34%: ?

34%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.95

Whois 104.207.52.95

IP Abuse Reports for 104.207.52.95:

This IP address has been reported a total of 143 times from 22 distinct sources. 104.207.52.95 was first reported on June 11th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-06-03 16:19:16 (4 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-01 01:26:49 (6 days ago)	(y4) Failed scan -byebye- from 104.207.52.95 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇺🇸 nyt	2026-05-29 05:18:55 (1 week ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
Anonymous	2026-05-29 02:46:00 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/w ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/weihnachtsbasar-athen.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 MatStef132	2026-05-19 20:55:42 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:31 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-15 13:29:59 (3 weeks ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:21 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?ref=f0FIWOrv-wX7j-bWVK-IUZAxsXvTU5N Host: elha ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?ref=f0FIWOrv-wX7j-bWVK-IUZAxsXvTU5N Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: DE Method: GET Timestamp: 2026-04-28T15:44:21Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇹 [email protected]	2026-04-17 22:33:35 (1 month ago)	[Sat Apr 18 00:33:35.383266 2026] [authz_core:error] [pid 560720:tid 560767] [remote 104.207.52.95:4 ... show more [Sat Apr 18 00:33:35.383266 2026] [authz_core:error] [pid 560720:tid 560767] [remote 104.207.52.95:41759] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:34:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:34:08.713209 2026] [security2:error] [pid 10614:tid 10614] [client 104.207.52.95:9043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/app/.git/config"] [unique_id "aZYGIB5OF7t4AOeUyU1NfQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 15:56:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 10:56:30.183669 2026] [security2:error] [pid 1850:tid 1850] [client 104.207.52.95:58199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yareblooms.click"] [uri "/backup/.git/config"] [unique_id "aZXhLnnfjEcW8cQAeJxJ2AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 cg-design.co.uk	2026-02-18 13:14:08 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.52.95 (GB/United Kingdom/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-18 12:35:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:35:27.200605 2026] [security2:error] [pid 23520:tid 23520] [client 104.207.52.95:11277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weddingsuppliescanada.com"] [uri "/.env.staging"] [unique_id "aZWyD4omJ0mP4MijpdhrDgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:04:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:04:22.560726 2026] [security2:error] [pid 1193564:tid 1193564] [client 104.207.52.95:61245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watermarks.info"] [uri "/.env.staging"] [unique_id "aZWqxlbWqdqS0qOvHyTi9AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.233.30.19

🇬🇧 217.146.80.105

🇮🇶 212.237.122.17

🇬🇹 200.119.180.20

🇵🇪 190.238.57.126

🇰🇷 183.104.26.197

🇮🇳 143.110.186.36

🇮🇩 103.24.74.145

🇺🇸 65.49.1.115

🇹🇼 220.130.187.188

🇩🇪 213.209.159.56

🇺🇸 205.210.31.51

🇲🇽 187.233.80.19

🇲🇽 186.96.145.241

🇵🇰 162.4.163.62

🇻🇺 138.226.239.11

🇺🇸 138.68.42.188

🇺🇸 137.184.32.56

🇨🇳 116.178.130.188

🇺🇸 66.132.186.140