JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.165

104.207.63.165 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.165

Whois 104.207.63.165

IP Abuse Reports for 104.207.63.165:

This IP address has been reported a total of 135 times from 21 distinct sources. 104.207.63.165 was first reported on June 12th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-04-04 08:23:14 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇱🇻 garmtech.com	2026-02-10 21:14:27 (3 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 19:35:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 14:35:33.073687 2026] [security2:error] [pid 1205:tid 1205] [client 104.207.63.165:55515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aperturecontrols.com"] [uri "/dev/.git/config"] [unique_id "aYuIhVMoeg2EOZkaO7vXAAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:10:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:10:01.549010 2026] [security2:error] [pid 22450:tid 22450] [client 104.207.63.165:40833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthraxbooks.info"] [uri "/.env.staging"] [unique_id "aYtKSdYasNpzE9ktqfL60wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:15:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:15:17.833514 2026] [security2:error] [pid 20040:tid 20040] [client 104.207.63.165:55341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ik3co.com"] [uri "/.env.production"] [unique_id "aYrM9VKyPrx3qsmnkWTDOQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:06:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:05:58.631570 2026] [security2:error] [pid 27801:tid 27801] [client 104.207.63.165:33169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idodat.com"] [uri "/v2/.git/config"] [unique_id "aYq8tgrtv6Bvc9D2h0qHjQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-02-10 02:01:36 (3 months ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2026-02-10 00:48:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:48:00.734300 2026] [security2:error] [pid 2600475:tid 2600475] [client 104.207.63.165:46183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/app/.git/config"] [unique_id "aYqAQBdoLFi_6TG7MvTf6gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:20:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:20:40.339311 2026] [security2:error] [pid 1570:tid 1604] [client 104.207.63.165:64939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keetons.net"] [uri "/dev/.git/config"] [unique_id "aYpryHeVpx3S5SN-NSqjIQAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:33:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:32:54.804208 2026] [security2:error] [pid 9550:tid 9550] [client 104.207.63.165:64879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kayelynn.com"] [uri "/app/.git/config"] [unique_id "aYpglrh5Ew4hUEaQhlE-jwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 21:08:14 (3 months ago)	Blocking for trying to access an exploit file: /wp/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 21:04:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:04:02.146813 2026] [security2:error] [pid 242085:tid 242085] [client 104.207.63.165:45831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hopitel.com"] [uri "/api/.git/config"] [unique_id "aYpLwn1eE8-i-XW-Cx9qewAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:35:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:35:16.453715 2025] [security2:error] [pid 8262:tid 8262] [client 104.207.63.165:41809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brianchancemusic.com"] [uri "/.svn/wc.db"] [unique_id "aVITFOoj7_lXgExouOI9RAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:52:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:52:13.697758 2025] [security2:error] [pid 21735:tid 21735] [client 104.207.63.165:34951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "donutlocations.com"] [uri "/.env"] [unique_id "aVH67X9oBrpivAcc2hgK4gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 ki3	2025-11-04 06:07:17 (7 months ago)	Fail2Ban: Web App Attacks and Forum Spam 104.207.63.165 1762236437.0(JST)	Web Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.251.5.136

🇺🇸 3.210.169.234

🇩🇪 2.26.80.210

🇨🇳 222.138.40.246

🇺🇸 216.172.190.116

🇰🇷 211.251.245.88

🇺🇸 103.216.1.166

🇸🇬 47.84.100.167

🇳🇱 45.148.10.151

🇺🇸 192.254.210.231

🇨🇳 182.32.169.203

🇩🇪 167.94.145.22

🇺🇸 142.251.156.119

🇬🇧 35.203.210.162

🇳🇱 192.253.248.169

🇲🇾 121.122.119.170

🇮🇳 117.205.2.250

🇳🇱 45.148.10.141

🇩🇪 31.17.183.89

🇦🇪 20.203.42.204