JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.127

104.207.62.127 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.127

Whois 104.207.62.127

IP Abuse Reports for 104.207.62.127:

This IP address has been reported a total of 134 times from 19 distinct sources. 104.207.62.127 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-08 22:50:07 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-29 08:54:56 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Axel	2026-05-21 09:44:26 (1 month ago)	[2026-05-21 09:44:26 UTC] Honeypot WebLogic connection attempt \| AXFRA HONEYPOT	Web App Attack
🇩🇪 LRob.fr	2026-05-05 06:45:05 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 windowsforum	2026-03-05 19:08:21 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=PhillipMar	Web Spam Bad Web Bot
Anonymous	2026-01-16 14:29:50 (5 months ago)	wordpress-trap	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:07 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-15 06:23:27 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇧🇪 madeit	2025-11-30 04:32:39 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:57:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:57:09.326358 2025] [security2:error] [pid 19248:tid 19248] [client 104.207.62.127:31407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.satanisdead.com"] [uri "/.svn/wc.db"] [unique_id "aSU3JbK6rE62NXplHUxLnQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:40:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:40:27.107267 2025] [security2:error] [pid 26742:tid 26742] [client 104.207.62.127:16915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.teachingthestars.com"] [uri "/.git/HEAD"] [unique_id "aSUlK_dcBsfLFBwQyqaDTQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:58:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:58:40.108282 2025] [security2:error] [pid 14069:tid 14069] [client 104.207.62.127:32601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mavikalem.org"] [uri "/.svn/wc.db"] [unique_id "aSUbYHFVG-67_v97SrNJCwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:10:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:24.051807 2025] [security2:error] [pid 24689:tid 24689] [client 104.207.62.127:55679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.b-kinibottom.com"] [uri "/.git/HEAD"] [unique_id "aSUQEGqWeZaM_7024FuI3QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:36:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:36:19.353222 2025] [security2:error] [pid 4311:tid 4335] [client 104.207.62.127:14413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.meanmouse.com"] [uri "/.svn/wc.db"] [unique_id "aSUIE6O7-HhXDlACxWpLMwAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.236

🇹🇼 198.235.24.29

🇭🇰 193.176.211.55

🇺🇸 135.237.125.122

🇺🇸 104.248.50.150

🇬🇧 35.203.210.148

🇨🇳 124.88.113.27

🇨🇳 112.31.167.120

🇺🇸 91.230.168.96

🇮🇪 80.233.49.235

🇨🇳 36.250.94.95

🇮🇶 5.62.139.142

🇳🇬 165.154.11.172

🇳🇱 91.92.40.11

🇹🇼 61.222.211.114

🇧🇪 35.205.69.25

🇺🇸 2607:f8b0:400e:c06::123

🇳🇱 204.76.203.36

🇹🇼 198.235.24.86

🇲🇾 175.145.219.14