JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.129

104.207.63.129 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.129

Whois 104.207.63.129

IP Abuse Reports for 104.207.63.129:

This IP address has been reported a total of 136 times from 26 distinct sources. 104.207.63.129 was first reported on June 7th 2024, and the most recent report was 3 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 raph	2026-06-07 19:21:42 (3 minutes ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-05-30 06:39:01 (1 week ago)	bad web bot	Port Scan
🇺🇸 TPI-Abuse	2026-02-13 13:42:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:42:06.319957 2026] [security2:error] [pid 26655:tid 26655] [client 104.207.63.129:38475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindbodyrestored.com"] [uri "/test/.git/config"] [unique_id "aY8qLoxUrtydpPIWEAtoqgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:10:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:10:13.339062 2026] [security2:error] [pid 5444:tid 5444] [client 104.207.63.129:42103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikekornrich.com"] [uri "/.env.save"] [unique_id "aY8itRhDnW0zJMtVB2VW3gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:46:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:46:11.966381 2026] [security2:error] [pid 10378:tid 10378] [client 104.207.63.129:13709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lasvegaskiss.com"] [uri "/admin/.env"] [unique_id "aY8dEzipelapJV_brInnlgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-02-13 12:40:44 (3 months ago)	Blocked by CSF 13 firewall - Rule: config-dotfile US/United States/-	Web App Attack
🇺🇸 mnsf	2026-02-13 10:05:43 (3 months ago)	Scanning/Probing (11)	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 08:11:04 (3 months ago)	Try to access /config/.env	Web App Attack
🇩🇪 0x44	2026-02-13 07:13:55 (3 months ago)	104.207.63.129 [13/Feb/2026] * Spam host detected, probing for vulnerabilities	Web Spam Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:02:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:02:48.047858 2026] [security2:error] [pid 24614:tid 24614] [client 104.207.63.129:47025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medics-group.com"] [uri "/.env.production"] [unique_id "aY7MmDaq2y6uNeRZaBCrqQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:11:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:11:29.438459 2026] [security2:error] [pid 2727933:tid 2727933] [client 104.207.63.129:39679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/site/.git/config"] [unique_id "aY7AkaeErd6eEVyW4p4YKgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:36:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:36:32.993581 2026] [security2:error] [pid 2394873:tid 2394873] [client 104.207.63.129:29011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maryrosevaro.com"] [uri "/admin/.git/config"] [unique_id "aY6qUEuN9NYMoDe0fCXxwwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:15:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:15:36.617040 2026] [security2:error] [pid 11925:tid 11925] [client 104.207.63.129:21571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcedinc.com"] [uri "/.env.local"] [unique_id "aY6XWGBW0WURkdO1MPLxagAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:07:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:07:18.291253 2026] [security2:error] [pid 9870:tid 9878] [client 104.207.63.129:9721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.click"] [uri "/app/.env"] [unique_id "aY55Rt-7bgQI0GiYDZ_fvQAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:45:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:45:04.313650 2026] [security2:error] [pid 10219:tid 10219] [client 104.207.63.129:19961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "consultnv.com"] [uri "/.env"] [unique_id "aY4DkPCDQ-t9PZ3YH474dQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 200.80.229.243

🇧🇷 179.51.153.37

🇮🇩 103.219.73.193

🇿🇦 41.162.124.26

🇰🇪 41.60.239.93

🇷🇴 2.57.121.112

🇮🇳 202.141.65.5

🇺🇸 146.190.154.100

🇨🇳 124.79.181.63

🇨🇳 111.17.199.57

🇲🇾 47.250.83.221

🇱🇹 45.227.254.170

🇳🇱 5.61.209.126

🇦🇪 5.31.203.95

🇱🇦 202.123.176.222

🇺🇸 192.178.115.208

🇩🇪 188.136.233.189

🇹🇼 111.250.123.84

🇷🇴 92.118.39.236

🇳🇱 172.94.9.120