JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.224

104.207.62.224 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.224

Whois 104.207.62.224

IP Abuse Reports for 104.207.62.224:

This IP address has been reported a total of 126 times from 17 distinct sources. 104.207.62.224 was first reported on June 27th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 as211431.net	2026-05-13 09:00:31 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Lino Project	2026-05-12 17:53:37 (1 month ago)	104.207.62.224 - - [12/May/2026:19:53:36 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "http ... show more 104.207.62.224 - - [12/May/2026:19:53:36 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 13:05:21 (4 months ago)	Too many Status 40X (12) Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:54:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:54:03.546485 2026] [security2:error] [pid 13250:tid 13250] [client 104.207.62.224:16725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paladinmicro.com"] [uri "/api/.env"] [unique_id "aZGz2zRaN1mi2EaZgL0ueAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 07:05:08 (4 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:20:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:20:23.488193 2026] [security2:error] [pid 25240:tid 25240] [client 104.207.62.224:24663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlineteacher.info"] [uri "/api/.git/config"] [unique_id "aZFlp3giNHbHbxbcoKM6rQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:54:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:54:36.643839 2026] [security2:error] [pid 17356:tid 17356] [client 104.207.62.224:59383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "professorjunk.com"] [uri "/.env"] [unique_id "aZFfnKhGemS0qivLnC8Z0gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:37:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:37:40.601392 2026] [security2:error] [pid 26010:tid 26010] [client 104.207.62.224:38999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sbxyz.net"] [uri "/app/.env"] [unique_id "aZFbpG-CBAYqjTnhZn5FUgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:16:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:16:50.988120 2026] [security2:error] [pid 284992:tid 284992] [client 104.207.62.224:62037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nsightsound.com"] [uri "/.env.production"] [unique_id "aZFIsoqdm4KaR8ED7z_98QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:55:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:55:51.581850 2026] [security2:error] [pid 22268:tid 22268] [client 104.207.62.224:28325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noscentpro.com"] [uri "/new/.git/config"] [unique_id "aZFDxwayW91od8IqlTRe-gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:23:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:23:04.214265 2026] [security2:error] [pid 2168:tid 2188] [client 104.207.62.224:36403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nobledyn.com"] [uri "/.env.production"] [unique_id "aZE8GLFwGIsX64Wb-80VbwAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 02:47:04 (4 months ago)	Bot / scanning and/or hacking attempts: GET /admin/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /.env. ... show more Bot / scanning and/or hacking attempts: GET /admin/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /.env.save HTTP/1.1, GET /admin/.git/config HTTP/1.1, GET /backend/.env HTTP/1.1, GET /.git/config HTTP/1.1, GET /frontend/.env HTTP/1.1, GET /config/.env HTTP/1.1, GET /api/.env HTTP/1.1, GET /.env.local HTTP/1.1, GET /dev/.git/config HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:29:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:29:40.279117 2026] [security2:error] [pid 3949:tid 3949] [client 104.207.62.224:15729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plazacristal.com"] [uri "/config/.env"] [unique_id "aZEvlIBC0rQ4m-0Zud9jOgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 02:16:52 (4 months ago)	http-sensitive-files - IP: 104.207.62.224 - time="2026-02-15T03:16:52+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.62.224 - time="2026-02-15T03:16:52+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.62.224 (FR/200373) : 4h ban on Ip 104.207.62.224" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:39:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:39:49.204116 2026] [security2:error] [pid 17392:tid 17409] [client 104.207.62.224:29341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nelsonyung.com"] [uri "/site/.git/config"] [unique_id "aZEj5TIyJsQfjBl0rcj9bwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 197.234.242.158

🇧🇷 177.77.135.103

🇯🇵 162.158.119.230

🇨🇳 144.123.77.20

🇸🇬 114.119.154.203

🇳🇱 45.198.224.5

🇳🇱 45.148.10.147

🇭🇰 199.45.154.132

🇯🇵 172.69.63.11

🇫🇮 147.185.133.65

🇧🇬 79.124.40.110

🇺🇸 47.251.121.162

🇳🇱 45.148.10.151

🇸🇬 45.78.198.199

🇺🇸 35.226.15.76

🇮🇳 182.78.87.2

🇯🇵 172.71.100.206

🇧🇩 172.69.159.148

🇮🇳 154.221.35.72

🇺🇸 147.185.132.100