JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.159

104.207.63.159 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.159

Whois 104.207.63.159

IP Abuse Reports for 104.207.63.159:

This IP address has been reported a total of 151 times from 24 distinct sources. 104.207.63.159 was first reported on June 18th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-10 16:39:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:39:02.039025 2026] [security2:error] [pid 1611:tid 1611] [client 104.207.63.159:41177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "15tobefit.com"] [uri "/.env.production"] [unique_id "aYtfJozfe1944pej7IW0FgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:55:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:55:43.524349 2026] [security2:error] [pid 18075:tid 18075] [client 104.207.63.159:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/test/.git/config"] [unique_id "aYtU_y-6XtDWX-Mjgq57awAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:27:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:27:09.717616 2026] [security2:error] [pid 22760:tid 22760] [client 104.207.63.159:9743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knowledgepreservationalliance.com"] [uri "/.env.staging"] [unique_id "aYrBrY_DLsK7UMXQz1JKwAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:42:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:42:16.003465 2026] [security2:error] [pid 18599:tid 18599] [client 104.207.63.159:55269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibermar.info"] [uri "/app/.git/config"] [unique_id "aYqpGH2RZLeiQA50A_aWwgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:33:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:33:50.669474 2026] [security2:error] [pid 4476:tid 4476] [client 104.207.63.159:45749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hyps.net"] [uri "/.env.production"] [unique_id "aYqZDkOJX-wtmUtLs_v28AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:02:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:01:56.140001 2026] [security2:error] [pid 11219:tid 11219] [client 104.207.63.159:21877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/.env.staging"] [unique_id "aYpnZOJEO1X-T8ixvyuCdwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:06:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:06:19.610501 2026] [security2:error] [pid 717735:tid 717762] [client 104.207.63.159:35321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotelpuertadelsolcr.com"] [uri "/backend/.env"] [unique_id "aYpaW1e2saaLoPBOZVpSPgAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-02-06 03:27:57 (4 months ago)	Common web attack from 104.207.63.159.	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-13 06:47:29 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇮🇹 VHosting	2026-01-04 00:10:09 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-23 17:51:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 12:51:49.296106 2025] [security2:error] [pid 22385:tid 22385] [client 104.207.63.159:46091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "achildsspace.com"] [uri "/wp-config.php"] [unique_id "aUrWtcNlTJZnJWa-QX6MIQAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 02:30:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 21:30:32.520848 2025] [security2:error] [pid 19729:tid 19729] [client 104.207.63.159:57259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acadianahero.com"] [uri "/.env.development"] [unique_id "aSpayKmsMsS7eDU8c2HKngAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 17:32:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 12:32:37.203148 2025] [security2:error] [pid 28130:tid 28130] [client 104.207.63.159:52427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americaaborn.com"] [uri "/wp-config.php.bak"] [unique_id "aSnctdSNnuhA2eGClcD-lAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-11-28 05:17:34 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇩🇪 neckaralb-admin.de	2025-11-24 08:47:51 (6 months ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.173.29

🇳🇱 160.119.69.16

🇫🇮 147.185.133.193

🇨🇳 139.204.124.93

🇭🇰 103.229.125.106

🇮🇪 89.184.60.73

🇩🇪 69.5.169.98

🇬🇧 35.203.211.128

🇩🇪 212.227.126.133

🇧🇷 187.8.120.90

🇺🇸 155.138.223.68

🇺🇸 148.153.121.224

🇸🇬 139.99.38.177

🇺🇸 137.184.46.48

🇹🇭 124.122.187.239

🇻🇳 103.75.182.132

🇹🇷 88.242.211.79

🇺🇸 74.125.186.151

🇳🇱 45.148.10.141

🇭🇰 45.116.78.92