JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.136

104.207.63.136 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.136

Whois 104.207.63.136

IP Abuse Reports for 104.207.63.136:

This IP address has been reported a total of 125 times from 15 distinct sources. 104.207.63.136 was first reported on June 20th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-06 17:05:41 (1 week ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:50 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-08 13:09:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 08:09:48.102461 2025] [security2:error] [pid 1938:tid 1938] [client 104.207.63.136:47539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iainrealtor.com"] [uri "/.git/HEAD"] [unique_id "aTbOHGPf3o8Pdc0-h0CS9wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:25:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:25:13.547518 2025] [security2:error] [pid 23883:tid 23883] [client 104.207.63.136:21257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhsp.org"] [uri "/.git/HEAD"] [unique_id "aTVyKf6JPacGvvxC6W6iXQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 rellik	2025-12-05 22:16:00 (6 months ago)	Scanning Critical File, Potential Part of BotNet	DDoS Attack Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:29:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:29:29.902433 2025] [security2:error] [pid 4353:tid 4369] [client 104.207.63.136:43137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shieldsenterprisesusa.com"] [uri "/.env"] [unique_id "aTLsSZXroBTGTA2_DJEPOQAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:59:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:59:06.118451 2025] [security2:error] [pid 16343:tid 16343] [client 104.207.63.136:43865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bellabokoremas.com"] [uri "/.git/HEAD"] [unique_id "aTKe2gapL6W3yfBjM3btxwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:29:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:29:02.194526 2025] [security2:error] [pid 14103:tid 14103] [client 104.207.63.136:17159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photoboothtogo.com"] [uri "/.git/HEAD"] [unique_id "aTJ7rgeDcPxGHPuckbgQ7QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:52:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:52:09.941462 2025] [security2:error] [pid 13800:tid 13800] [client 104.207.63.136:17701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ivoryweddingnapkins.com"] [uri "/.git/HEAD"] [unique_id "aTIsuRhdPPD9YnTgIdraeQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:36:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:36:25.064074 2025] [security2:error] [pid 19028:tid 19028] [client 104.207.63.136:42427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.davidocchino.com"] [uri "/.env"] [unique_id "aSQnGejFaULTg4FRLMBgcwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:02:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:01:58.860195 2025] [security2:error] [pid 20462:tid 20462] [client 104.207.63.136:23111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbsellsre.burlison.com"] [uri "/.env"] [unique_id "aSQfBrTWjIaObHTMYM4JpAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:38:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:56.478798 2025] [security2:error] [pid 29551:tid 29551] [client 104.207.63.136:39573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.steinmetzjewelers.com"] [uri "/.git/HEAD"] [unique_id "aSPhJElECiY7uQkkNNQQ-QAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-30 11:24:44 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-10-16 16:37:47 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.63.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 12:37:43.161256 2025] [security2:error] [pid 29491:tid 29491] [client 104.207.63.136:18125] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marianozaro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marianozaro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPEfV857r8z51gKVu3ENAwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 01:36:35 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.134

🇺🇸 179.61.232.244

🇮🇩 160.187.174.22

🇦🇹 152.53.0.56

🇲🇾 115.135.234.221

🇩🇪 213.209.159.231

🇳🇱 185.224.128.16

🇮🇳 182.95.150.186

🇳🇱 176.65.148.215

🇮🇩 103.154.231.122

🇩🇪 69.5.169.165

🇩🇿 41.110.4.106

🇰🇷 175.207.205.249

🇸🇦 144.24.209.174

🇭🇰 125.215.199.37

🇺🇸 104.23.203.148

🇳🇱 91.92.42.86

🇳🇱 91.92.40.52

🇨🇳 61.146.235.54

🇳🇱 51.15.81.150