JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.109

104.207.63.109 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.109

Whois 104.207.63.109

IP Abuse Reports for 104.207.63.109:

This IP address has been reported a total of 135 times from 12 distinct sources. 104.207.63.109 was first reported on June 7th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-13 09:06:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:06:13.774014 2026] [security2:error] [pid 19864:tid 19864] [client 104.207.63.109:17193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "landeagle.com"] [uri "/.env.save"] [unique_id "aY7phRiIYEd4KPq1I3TxRQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:02:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:02:45.396133 2026] [security2:error] [pid 2131:tid 2131] [client 104.207.63.109:14303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kooroshvaziri.com"] [uri "/dev/.git/config"] [unique_id "aY6-hVfYpT1H5qLcI6N5dwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:37:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:37:23.281236 2026] [security2:error] [pid 924:tid 924] [client 104.207.63.109:41367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathleenhazlett.com"] [uri "/backend/.env"] [unique_id "aY6AUwXmOyOeYkcA2Qza4wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:56 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇪🇸 loadsoporte	2026-02-12 22:25:50 (3 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-02-12 19:50:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:50:51.162276 2026] [security2:error] [pid 23854:tid 23854] [client 104.207.63.109:43759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brandfacets.com"] [uri "/.env"] [unique_id "aY4vG_Bv3D_wHOQYEIGOEAAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:35:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:35:39.870472 2026] [security2:error] [pid 27566:tid 27566] [client 104.207.63.109:28175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billfried.net"] [uri "/.env"] [unique_id "aY4Pazgxy7pI_gxfKHeD7QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:20:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:20:02.415222 2026] [security2:error] [pid 14300:tid 14300] [client 104.207.63.109:60205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apsni.net"] [uri "/.env"] [unique_id "aY39sgd0ke5Yqn-M47SJ-gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:36:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:31:45.698815 2026] [security2:error] [pid 4457:tid 4457] [client 104.207.63.109:11533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belgiophar.org"] [uri "/.git/config"] [unique_id "aY3yYbBeibGxf1gUc45tMgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 13:31:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 08:31:16.916433 2026] [security2:error] [pid 7821:tid 7821] [client 104.207.63.109:47429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "123clearmyticket.com"] [uri "/admin/.env"] [unique_id "aY3WJNwMVOPhKfW_Dh4rhgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-02-12 05:05:28 (3 months ago)	GET [.env]	Port Scan
🇺🇸 TPI-Abuse	2026-02-11 10:12:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 05:12:34.825334 2026] [security2:error] [pid 2871839:tid 2871883] [client 104.207.63.109:43767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "councilofforeignministers.com"] [uri "/.env"] [unique_id "aYxWEvAupmAvPH_SmjrCJQAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 00:47:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 19:47:41.964305 2026] [security2:error] [pid 12689:tid 12689] [client 104.207.63.109:12697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copiershickory.com"] [uri "/new/.git/config"] [unique_id "aYvRrShkEpq7sSXVmOfZJAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 20:56:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 15:56:38.658545 2026] [security2:error] [pid 1654:tid 1654] [client 104.207.63.109:33311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "contractorspecializing.com"] [uri "/.env"] [unique_id "aYubhtcFetb_wQeZS2LddgAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:25:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:25:26.913738 2026] [security2:error] [pid 2641682:tid 2641682] [client 104.207.63.109:31831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gemexpressions.com"] [uri "/dev/.git/config"] [unique_id "aYqJBvrBOOg0Ci0s9WB8fwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.227

🇺🇦 195.72.146.67

🇬🇧 193.163.125.219

🇯🇵 172.105.216.217

🇸🇪 171.25.158.74

🇱🇹 77.90.185.37

🇺🇸 76.13.73.4

🇺🇸 45.56.79.53

🇬🇧 34.89.104.112

🇺🇸 195.184.76.247

🇺🇸 195.184.76.223

🇳🇱 185.156.73.233

🇺🇸 165.154.173.141

🇺🇸 162.216.150.14

🇺🇸 129.146.243.24

🇺🇦 85.114.198.164

🇱🇹 81.30.98.142

🇬🇧 81.19.219.226

🇺🇸 66.132.172.43

🇺🇸 52.180.137.70