JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.62.130

104.207.62.130 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.62.130

Whois 104.207.62.130

IP Abuse Reports for 104.207.62.130:

This IP address has been reported a total of 124 times from 11 distinct sources. 104.207.62.130 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-05-17 15:49:50 (2 weeks ago)	104.207.62.130 - - [17/May/2026:17:49:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.62.130 - - [17/May/2026:17:49:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Hacking Web App Attack VPN IP
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 14:19:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 09:18:54.472957 2025] [security2:error] [pid 19871:tid 19871] [client 104.207.62.130:48321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stellwagenmusic.com"] [uri "/.env"] [unique_id "aShdzpoHniMmKYxn39h13AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-27 06:19:14 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 23:26:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 18:26:30.949616 2025] [security2:error] [pid 11578:tid 11578] [client 104.207.62.130:26267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tlind.com.hk"] [uri "/.svn/wc.db"] [unique_id "aSeMpprcu2_9-VYl3VoPzQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 19:02:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 14:02:51.620592 2025] [security2:error] [pid 30515:tid 30515] [client 104.207.62.130:11991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.seahattravel.com"] [uri "/.git/HEAD"] [unique_id "aSdO2zwr-intqAXIdpWXngAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:53:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:53:17.399246 2025] [security2:error] [pid 22574:tid 22574] [client 104.207.62.130:11819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.mccachren.org"] [uri "/.git/HEAD"] [unique_id "aSbODaVu4aDNafV19Je_HwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:22:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:22:55.359152 2025] [security2:error] [pid 13422:tid 13422] [client 104.207.62.130:44439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.eurobrake.com"] [uri "/.env"] [unique_id "aSVZT6yajV_FAk7Mld5xWwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:35.522637 2025] [security2:error] [pid 13756:tid 13834] [client 104.207.62.130:27983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aussiepens.com"] [uri "/.git/HEAD"] [unique_id "aSVIWy2vRx1ksuNuFaHOswAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:28:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:47.582950 2025] [security2:error] [pid 854926:tid 854926] [client 104.207.62.130:60485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.citizensforsanity.com"] [uri "/.env"] [unique_id "aSU-U0ZRzAXx4xhqCx_LCQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:14:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:14:41.630342 2025] [security2:error] [pid 3100:tid 3100] [client 104.207.62.130:40261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mixmediallc.com"] [uri "/.git/HEAD"] [unique_id "aSUtMWRIYAsyjDLMlRBZXwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:33:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:33:34.145505 2025] [security2:error] [pid 32055:tid 32055] [client 104.207.62.130:21621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.billfried.net"] [uri "/.svn/wc.db"] [unique_id "aSUjjko3ZbbqrpcfrypdoAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 03:03:44 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:26.620051 2025] [security2:error] [pid 1647140:tid 1647193] [client 104.207.62.130:23947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.californiacosmeticsurgery.aafm.us"] [uri "/.svn/wc.db"] [unique_id "aSUY-sWdNO_bFaD03ZYqrgAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:53:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.62.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:55.149844 2025] [security2:error] [pid 24180:tid 24180] [client 104.207.62.130:17907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonysargbook.banis-associates.com"] [uri "/.env"] [unique_id "aSQOm4YVw4pAUDHa0bv80AAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.156.87.93

🇬🇧 217.146.80.121

🇰🇷 211.63.187.238

🇸🇬 193.37.32.69

🇺🇸 165.154.255.26

🇺🇸 154.28.229.92

🇺🇸 208.87.243.131

🇰🇷 121.165.187.77

🇺🇸 67.215.244.153

🇺🇸 52.225.83.240

🇳🇱 45.148.10.183

🇨🇭 45.143.200.246

🇳🇱 2a13:adc0::2db:cfff:fe2b:2b8a

🇺🇸 186.233.184.67

🇨🇳 182.54.23.197

🇧🇷 177.20.192.30

🇨🇳 175.4.104.50

🇨🇳 122.96.28.183

🇨🇳 122.96.28.12

🇳🇱 80.82.70.228