JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.239

104.207.62.239 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.239

Whois 104.207.62.239

IP Abuse Reports for 104.207.62.239:

This IP address has been reported a total of 137 times from 19 distinct sources. 104.207.62.239 was first reported on June 13th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-05-16 08:15:10 (3 weeks ago)	(wordpress) Failed wordpress login from 104.207.62.239 (FR/France/Paris Department/Paris/-/[redacted ... show more (wordpress) Failed wordpress login from 104.207.62.239 (FR/France/Paris Department/Paris/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-20 15:02:02 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 10:01:58.451724 2026] [security2:error] [pid 20152:tid 20152] [client 104.207.62.239:54337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wsffjatc.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wsffjatc.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aZh3ZuVuOg7ULKCN87k20wAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 05:23:46 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:23:44.089659 2026] [security2:error] [pid 16042:tid 16042] [client 104.207.62.239:55483] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfv4CwUmCJYhVRmypKV1wAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 06:01:26 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.62.239 (FR/France/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.62.239 (FR/France/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:10:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:10:47.628341 2026] [security2:error] [pid 1897:tid 1897] [client 104.207.62.239:15451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmg365media.com"] [uri "/.env.local"] [unique_id "aY6yV3sjppalxwHXSEsfHwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:17:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:17:01.306446 2026] [security2:error] [pid 14484:tid 14484] [client 104.207.62.239:52091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnairdenterprisesllc.com"] [uri "/wp/.git/config"] [unique_id "aY6lvSxAQROhHHPRM82RAAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:42:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:42:48.717374 2026] [security2:error] [pid 1580:tid 1580] [client 104.207.62.239:32043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anchorroots.com"] [uri "/.git/config"] [unique_id "aY6duOjY9mwgGTxsAdMTVAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:34 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
Anonymous	2026-02-12 19:52:37 (3 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 13:31:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 08:30:59.592999 2026] [security2:error] [pid 3346:tid 3346] [client 104.207.62.239:9125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "123clearmyticket.com"] [uri "/.env"] [unique_id "aY3WE7qII99SEp22MixYdQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-11 09:07:53 (3 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-10 23:17:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 18:17:14.660760 2026] [security2:error] [pid 2394152:tid 2394169] [client 104.207.62.239:42975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "echrony.com"] [uri "/api/.env"] [unique_id "aYu8ejxJ3wyui1o-jk67OQAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2025-12-31 03:45:34 (5 months ago)	Web attack from 104.207.62.239	Web App Attack
🇮🇹 VHosting	2025-12-30 03:10:07 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 159.223.238.255

🇨🇱 34.176.80.215

🇹🇼 198.235.24.95

🇧🇷 186.213.136.95

🇰🇷 175.206.128.41

🇺🇸 162.216.150.239

🇸🇦 159.0.234.169

🇳🇱 158.94.210.233

🇫🇷 85.217.140.50

🇺🇸 34.106.251.255

🇺🇸 20.163.15.43

🇧🇷 2001:1284:f514:c301:74f7:70e7:46fa:1125

🇰🇿 206.62.52.134

🇻🇪 201.238.34.12

🇧🇪 198.235.24.183

🇸🇬 158.178.243.5

🇵🇭 158.62.53.98

🇮🇩 157.85.210.169

🇮🇹 151.95.211.132

🇷🇺 109.230.152.168