JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.138

104.207.62.138 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.138

Whois 104.207.62.138

IP Abuse Reports for 104.207.62.138:

This IP address has been reported a total of 132 times from 14 distinct sources. 104.207.62.138 was first reported on June 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 MatStef132	2026-05-19 21:05:47 (2 weeks ago)	MatShield L7: blocked on anonymous (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-19 20:55:42 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:33 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-16 13:13:42 (3 weeks ago)	MatShield L7: blocked on justchat.icu (chrome-ua-hint-missing)	DDoS Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-12 05:04:54 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 01:04:47.588895 2026] [security2:error] [pid 28148:tid 28148] [client 104.207.62.138:10911] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|comitedelafamille.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comitedelafamille.org"] [uri "/a.db"] [unique_id "abJJb0ZCxVeF0UEKaYY3JwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-03-05 16:10:26 (3 months ago)	Accessed trap at '/.aws/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 08:21:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:21:25.936644 2026] [security2:error] [pid 5952:tid 6013] [client 104.207.62.138:63233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/bd/6ce319613ce21e3c7c662bb199e30c1b3370e9"] [unique_id "aak9BawuXG4acSOhQRYD2AAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 05:18:46 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:18:41.485525 2026] [security2:error] [pid 23844:tid 23844] [client 104.207.62.138:36803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|castlewelding.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "castlewelding.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfusRtC6THb7gXjWT4kpQAAADU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 07:39:34 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-26 05:57:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:57:26.089743 2025] [security2:error] [pid 31341:tid 31341] [client 104.207.62.138:37213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.qovintheloop.org"] [uri "/.git/HEAD"] [unique_id "aSaWxoS2CtJn7fx9L6davwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:59:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:59:47.641833 2025] [security2:error] [pid 32188:tid 32188] [client 104.207.62.138:56643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.artsy-style.com"] [uri "/.git/HEAD"] [unique_id "aSZ7M1BOggYqqZv__7pKxgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:04:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:04:07.889051 2025] [security2:error] [pid 30250:tid 30250] [client 104.207.62.138:12645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "warbonnetmusic.tremulant.com"] [uri "/.git/HEAD"] [unique_id "aSZuJ4A_0dYyGQLJN2ftrwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:32:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:32:13.329147 2025] [security2:error] [pid 3292518:tid 3292541] [client 104.207.62.138:16601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.41bravo.com"] [uri "/.svn/wc.db"] [unique_id "aSZKjRwrQueSMlYnD3LlJQAAAVU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.36

🇮🇳 49.43.229.131

🇳🇱 45.156.87.127

🇺🇸 2001:470:1:332::ba

🇧🇷 187.95.249.53

🇰🇷 183.116.206.204

🇨🇳 182.126.112.175

🇮🇹 151.95.211.132

🇮🇩 103.74.5.44

🇺🇸 54.87.22.59

🇳🇱 5.255.113.6

🇬🇧 193.163.125.131

🇧🇷 177.53.42.101

🇵🇰 103.151.47.158

🇲🇽 82.153.2.202

🇷🇴 80.94.93.100

🇺🇸 40.77.167.255

🇩🇪 213.209.159.225

🇳🇴 185.101.33.182

🇺🇸 99.60.18.106