JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.18

104.207.63.18 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.18

Whois 104.207.63.18

IP Abuse Reports for 104.207.63.18:

This IP address has been reported a total of 80 times from 12 distinct sources. 104.207.63.18 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-09 21:22:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:22:49.542216 2026] [security2:error] [pid 1477110:tid 1477110] [client 104.207.63.18:32397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garciadomingo.com"] [uri "/site/.git/config"] [unique_id "aYpQKQO-TNc0oG6dzKIuyAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:57:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:57:43.575221 2026] [security2:error] [pid 11774:tid 11774] [client 104.207.63.18:30137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gandmaquatics.com"] [uri "/api/.env"] [unique_id "aYpKR5cuU0L6p2q8g0sbegAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:31:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:31:12.403712 2026] [security2:error] [pid 24549:tid 24567] [client 104.207.63.18:38043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.com"] [uri "/backup/.git/config"] [unique_id "aYo2AOMQX1XeRpGmt4RZkAAAAI0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:40:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:40:49.059710 2026] [security2:error] [pid 14759:tid 14759] [client 104.207.63.18:64235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamepart.com"] [uri "/app/.env"] [unique_id "aYnV0WiX6xiHMz4C5V57lgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:44:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:44:29.844344 2026] [security2:error] [pid 11889:tid 11889] [client 104.207.63.18:14587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "funkerecords.com"] [uri "/.env.save"] [unique_id "aYl0PYq4pIc5kv6jM4DDDgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 12:35:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:01.398335 2026] [security2:error] [pid 13051:tid 13051] [client 104.207.63.18:60299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonytremblayauthor.com"] [uri "/.env"] [unique_id "aWY79expEqzuRUqLROK3kwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 04:00:26 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-27 21:06:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:06:16.139321 2025] [security2:error] [pid 26826:tid 26826] [client 104.207.63.18:29323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dogandponyband.com"] [uri "/.git/HEAD"] [unique_id "aSi9SL2e1kXZ1fPBFrT-fQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 06:50:34 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:10:43 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:36:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:36:23.794572 2025] [security2:error] [pid 9223:tid 9223] [client 104.207.63.18:56663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.wichita-massacre.com"] [uri "/.git/HEAD"] [unique_id "aSQnF8f6BIsTiNYkc32cRwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:16:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:16:52.530722 2025] [security2:error] [pid 29393:tid 29393] [client 104.207.63.18:51309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.birdlovers.net"] [uri "/.svn/wc.db"] [unique_id "aSQihKiOU0uwpANS5px_IwAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:18:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:18:38.002494 2025] [security2:error] [pid 4217:tid 4217] [client 104.207.63.18:17721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wiainvestigation.com"] [uri "/.env"] [unique_id "aSQU3hIZhSi93iGc5wl_9gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:40:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:40:14.873259 2025] [security2:error] [pid 14722:tid 14722] [client 104.207.63.18:35385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rdj.us.pappakotis.com"] [uri "/.git/HEAD"] [unique_id "aSQL3jF-oAGnV4IDmlXidAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 05:40:36 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.229.190.244

🇳🇱 185.93.89.167

🇭🇰 152.32.226.205

🇩🇪 151.243.150.23

🇵🇰 119.13.189.108

🇳🇱 45.148.10.240

🇷🇴 2.57.121.25

🇬🇧 193.163.125.170

🇳🇱 176.65.139.14

🇨🇳 123.160.232.58

🇳🇱 45.148.10.141

🇺🇸 45.131.195.226

🇫🇷 37.44.238.68

🇯🇵 20.89.43.232

🇯🇵 20.78.148.25

🇺🇸 18.144.236.177

🇺🇸 65.60.61.173

🇳🇱 45.148.10.157

🇺🇸 45.63.4.69

🇺🇸 23.191.200.31