JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.117

104.207.62.117 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.117

Whois 104.207.62.117

IP Abuse Reports for 104.207.62.117:

This IP address has been reported a total of 142 times from 18 distinct sources. 104.207.62.117 was first reported on June 14th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-09 22:46:05 (5 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 oncord	2026-01-02 19:04:13 (5 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-12-29 21:11:08 (5 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-12-28 20:54:20 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-27 11:33:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 06:33:35.640496 2025] [security2:error] [pid 25345:tid 25345] [client 104.207.62.117:43477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.reyadecostarica.com"] [uri "/.svn/wc.db"] [unique_id "aSg3D-4CHmVV7aDjg4DHSAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 07:54:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 02:54:29.047691 2025] [security2:error] [pid 24775:tid 24775] [client 104.207.62.117:31387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.polish-boat-registration.com"] [uri "/.svn/wc.db"] [unique_id "aSgDtcV9t4ToKg3crWYNQAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 07:52:24 (6 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:43:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:43:09.110634 2025] [security2:error] [pid 16468:tid 16468] [client 104.207.62.117:12577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nightowlprinting.com"] [uri "/.git/HEAD"] [unique_id "aSVP_VvDrcHbyXMGD5bVEQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 06:04:02 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:38:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:37:55.203306 2025] [security2:error] [pid 31704:tid 31704] [client 104.207.62.117:33639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.leothecolorman.com"] [uri "/.svn/wc.db"] [unique_id "aSVAs7xs26QVfle2hLvQpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:18:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:18:12.088596 2025] [security2:error] [pid 21925:tid 21925] [client 104.207.62.117:32007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.schoolrx.org"] [uri "/.env"] [unique_id "aSU8FA5W90Aw47jY7tjKEwAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:51:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:50.794915 2025] [security2:error] [pid 5276:tid 5276] [client 104.207.62.117:54239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.birthplaceofprohockey.org.dhsgrad.net"] [uri "/.svn/wc.db"] [unique_id "aSU1ql3RYc1aAgyNvXe7egAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:26:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:25:59.993452 2025] [security2:error] [pid 22186:tid 22186] [client 104.207.62.117:21055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kellermoving.com"] [uri "/.svn/wc.db"] [unique_id "aSUv11n9vP-x5HW9SnUvWAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:43:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:43:47.472796 2025] [security2:error] [pid 29074:tid 29074] [client 104.207.62.117:17337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.k9team.org"] [uri "/.git/HEAD"] [unique_id "aSUl81qmztWsG3OnYsoMpAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:23:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:23:33.318188 2025] [security2:error] [pid 670332:tid 670332] [client 104.207.62.117:56561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sternscape.com"] [uri "/.git/HEAD"] [unique_id "aSUTJRi9sWmuw5gbFAC8LAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.187.52

🇹🇭 159.192.133.140

🇫🇷 85.217.140.3

🇺🇸 83.142.52.188

🇺🇸 64.62.197.52

🇹🇷 45.136.5.14

🇮🇳 34.93.106.255

🇰🇷 218.148.106.182

🇰🇷 211.104.137.55

🇳🇱 206.189.109.91

🇺🇸 195.184.76.68

🇳🇱 192.42.116.100

🇷🇺 178.20.44.82

🇺🇸 173.239.214.166

🇺🇸 172.233.221.115

🇧🇷 170.238.160.191

🇹🇭 159.192.132.36

🇺🇸 157.230.136.54

🇺🇸 151.240.231.165

🇺🇸 149.18.166.83