JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.252

104.207.62.252 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.252

Whois 104.207.62.252

IP Abuse Reports for 104.207.62.252:

This IP address has been reported a total of 133 times from 11 distinct sources. 104.207.62.252 was first reported on June 4th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-16 21:00:15 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇮 JimArchon72	2026-06-15 23:25:01 (4 days ago)	2026/06/15 23:21:38 "GET /wp-login.php?action=register HTTP/1.1"	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-10 04:43:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:43:31.626100 2026] [security2:error] [pid 9161:tid 9161] [client 104.207.62.252:51441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "klingandi.com"] [uri "/backend/.env"] [unique_id "aYq3c1Hxs1n9moLs4pNdQQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:01:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:01:18.919979 2026] [security2:error] [pid 28158:tid 28158] [client 104.207.62.252:47731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icbsmonitor.net"] [uri "/admin/.env"] [unique_id "aYqtjkLKo6v6yXNQNyomOQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:13:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:13:31.034078 2026] [security2:error] [pid 1036080:tid 1036136] [client 104.207.62.252:51721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iacsb.com"] [uri "/frontend/.env"] [unique_id "aYqiW7hqkwxgJrBFVVMtqwAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:37:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:37:26.164198 2026] [security2:error] [pid 876:tid 876] [client 104.207.62.252:24081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshs82.com"] [uri "/admin/.git/config"] [unique_id "aYpvtkdzmpQjWwwqtGVhBQAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:08:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:08:10.457328 2026] [security2:error] [pid 15771:tid 15771] [client 104.207.62.252:63617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hpepaper.com"] [uri "/frontend/.env"] [unique_id "aYpo2ujgOV4IsEfagPjq9wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:13:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:12:59.847747 2026] [security2:error] [pid 23476:tid 23476] [client 104.207.62.252:20343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horizonsoundchicago.com"] [uri "/wp/.git/config"] [unique_id "aYpN2-2NweP2MpR581NpywAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 11:24:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-04 19:06:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 14:06:26.330223 2025] [security2:error] [pid 17812:tid 17812] [client 104.207.62.252:36797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/.git/HEAD"] [unique_id "aTHbsp8KoVDxX2m7SsgAdQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:24:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:24:11.558898 2025] [security2:error] [pid 1721:tid 1721] [client 104.207.62.252:52831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ggaccounting.services"] [uri "/.svn/wc.db"] [unique_id "aSbjW0SnYnRFKo70dbd4rQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:27:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:27:22.908470 2025] [security2:error] [pid 17191:tid 17191] [client 104.207.62.252:40515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dynamic-therapy-mn.com"] [uri "/.svn/wc.db"] [unique_id "aSbWCg8dtRA16jZjEXysfQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:57:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:57:24.845149 2025] [security2:error] [pid 8959:tid 8959] [client 104.207.62.252:32101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stressmyth.com"] [uri "/.env"] [unique_id "aSbPBKIKC83wBfzdy82X6wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:29:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:29:03.608505 2025] [security2:error] [pid 17003:tid 17003] [client 104.207.62.252:38373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.veneye.com"] [uri "/.git/HEAD"] [unique_id "aSQlX8U4yEi5mapDee-OiQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 185.121.15.184

🇳🇱 183.81.169.76

🇨🇳 116.167.200.103

🇨🇳 106.13.107.71

🇲🇦 105.76.7.125

🇺🇸 71.192.74.14

🇮🇶 65.20.158.10

🇮🇩 8.215.85.137

🇨🇳 220.181.108.113

🇳🇱 176.65.149.111

🇨🇳 118.145.230.7

🇨🇳 117.175.140.79

🇨🇦 85.217.149.59

🇺🇸 85.208.96.205

🇷🇴 80.94.92.186

🇬🇧 77.97.134.125

🇺🇸 66.132.172.145

🇺🇸 66.38.28.121

🇺🇸 45.3.38.31

🇺🇸 20.83.185.81