JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.172

104.207.62.172 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.172

Whois 104.207.62.172

IP Abuse Reports for 104.207.62.172:

This IP address has been reported a total of 130 times from 14 distinct sources. 104.207.62.172 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-06 23:24:31 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.62.172 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.62.172 2026-05-06 11:09:08 / show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-02 15:47:14 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-28 17:11:36 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 12:11:29.842892 2025] [security2:error] [pid 11939:tid 11939] [client 104.207.62.172:26229] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|10mostwantedfugitives.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "10mostwantedfugitives.com"] [uri "/dump.sql"] [unique_id "aSnXwaAhGn42eTF9Dfb7ygAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 16:24:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 11:23:58.864414 2025] [security2:error] [pid 16785:tid 16785] [client 104.207.62.172:46043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amchaiinc.org"] [uri "/wp-config.txt"] [unique_id "aSnMnhxHuHjc1mek8S93dwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:50:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:50:01.142286 2025] [security2:error] [pid 29753:tid 29753] [client 104.207.62.172:9211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mitchellamazing.com"] [uri "/wp-config.php.bak"] [unique_id "aSmoiXevNarlTJ-zDlIUQAAAAAw"], referer: http://amazingindustries.com/wp-config.php.bak show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 06:03:33 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 01:03:30.490997 2025] [security2:error] [pid 16704:tid 16704] [client 104.207.62.172:51393] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|altansirel.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "altansirel.com"] [uri "/backup.sql"] [unique_id "aSk7Mj_hdb4fBZYw1KYYxAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:12.941723 2025] [security2:error] [pid 3613:tid 3613] [client 104.207.62.172:27231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.michaelprussin.com"] [uri "/.svn/wc.db"] [unique_id "aSVMfJb0XlY4ezp7YKLLqQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:11:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:11:03.931135 2025] [security2:error] [pid 9988:tid 9988] [client 104.207.62.172:24987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pankoff.com"] [uri "/.env"] [unique_id "aSVIdwNmHQov_WO0hZBvkQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:27:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:36.327424 2025] [security2:error] [pid 7158:tid 7158] [client 104.207.62.172:55897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.imagesbyaubrey.com"] [uri "/.git/HEAD"] [unique_id "aSU-SLvAzd75UhQnJhKjJAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:34:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:34:11.970163 2025] [security2:error] [pid 1816811:tid 1816947] [client 104.207.62.172:60819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dpiazza.com"] [uri "/.git/HEAD"] [unique_id "aSUxw-3xOpFSh0WflctzoAAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:44:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:44:09.693545 2025] [security2:error] [pid 7326:tid 7530] [client 104.207.62.172:23599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copex-ireland.com"] [uri "/.env"] [unique_id "aSUJ6dNUaJ5dFUuoaTx4zQAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:08:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:08:36.920770 2025] [security2:error] [pid 28797:tid 28797] [client 104.207.62.172:49627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kirkrmartin.com"] [uri "/.env"] [unique_id "aSUBlFJ2uu-sC71a0QGvyAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-06 19:40:22 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 22:13:57 (1 year ago)	Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 22:56:55 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.93

🇸🇪 83.226.181.38

🇰🇷 14.51.223.141

🇩🇪 2a0a:4cc0:c0:62aa:e4d9:82ff:fe62:7417

🇨🇳 220.184.187.38

🇨🇳 182.43.235.75

🇨🇳 171.110.110.237

🇨🇳 171.110.110.235

🇺🇸 143.198.150.150

🇨🇳 120.55.180.250

🇻🇳 103.143.207.18

🇮🇳 103.21.79.242

🇺🇸 65.110.40.194

🇩🇪 64.89.163.206

🇫🇷 51.159.111.44

🇷🇺 46.226.71.178

🇳🇱 45.148.10.157

🇨🇳 14.103.114.199

🇷🇴 2.57.122.177

🇨🇳 1.119.194.226