JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.131

104.207.63.131 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.131

Whois 104.207.63.131

IP Abuse Reports for 104.207.63.131:

This IP address has been reported a total of 134 times from 13 distinct sources. 104.207.63.131 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 oncord	2026-03-06 08:20:46 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-03-02 05:59:16 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-28 11:30:57 (3 months ago)	Form spam	Web Spam
🇫🇷 Sklurk	2026-02-12 17:17:15 (3 months ago)	Web App Attack	Web App Attack
🇩🇪 bescared	2026-02-10 12:14:15 (3 months ago)	F2B - Malicious activity detected. Web Spam.	Web Spam
🇨🇭 backslash	2026-02-08 09:55:05 (3 months ago)	block ruleset 6A1105329D233F6F53B9B61CE056BD4DAAE75AB4	Web Spam
🇦🇺 oncord	2026-02-05 09:51:19 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-03 15:52:14 (4 months ago)	Form spam	Web Spam
Anonymous	2025-12-17 20:20:06 (5 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-26 09:50:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:50:40.796750 2025] [security2:error] [pid 7136:tid 7136] [client 104.207.63.131:35929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thinkingepic.com"] [uri "/.svn/wc.db"] [unique_id "aSbNcCyH3pIbuOgENuSVAwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:22:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:21:59.406391 2025] [security2:error] [pid 2027408:tid 2027421] [client 104.207.63.131:32323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "encuentrelas10diferencias.wizart.org"] [uri "/.svn/wc.db"] [unique_id "aSVZF30JlhnQTGLFtsgoHQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:04:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:04:00.092010 2025] [security2:error] [pid 25263:tid 25263] [client 104.207.63.131:36251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ramoundos.com"] [uri "/.svn/wc.db"] [unique_id "aSVU4Mr0_Ewdb8yjDfFX-gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:11:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:11:31.725390 2025] [security2:error] [pid 13622:tid 13622] [client 104.207.63.131:11605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.truthsabouthealthcare.com"] [uri "/.env"] [unique_id "aSVIk6_nVkN5i0vKCYXeCAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:41:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:41:38.929741 2025] [security2:error] [pid 29152:tid 29152] [client 104.207.63.131:55719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.seekingthemind.com"] [uri "/.env"] [unique_id "aSVBklkSNWP_z3KkRv_l1wAAADg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:04:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:04:21.707861 2025] [security2:error] [pid 26048:tid 26048] [client 104.207.63.131:35125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.randallbrooks.com"] [uri "/.env"] [unique_id "aSU41Z9Yucc3ErtWB3IYxAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 194.195.211.196

🇷🇸 188.2.233.141

🇲🇽 186.96.145.241

🇨🇳 119.48.134.213

🇮🇩 103.154.231.122

🇷🇴 92.118.39.62

🇷🇴 2.57.121.25

🇯🇵 203.25.124.6

🇭🇰 194.187.178.79

🇺🇸 165.227.54.132

🇬🇧 37.10.113.212

🇮🇷 2.180.149.52

🇬🇧 195.96.139.92

🇭🇰 194.187.178.78

🇫🇷 146.70.194.236

🇨🇳 120.48.90.166

🇫🇷 51.210.10.184

🇮🇷 31.47.51.212

🇺🇸 3.144.146.217

🇨🇳 222.246.42.201