JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.217

104.207.63.217 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.217

Whois 104.207.63.217

IP Abuse Reports for 104.207.63.217:

This IP address has been reported a total of 128 times from 16 distinct sources. 104.207.63.217 was first reported on June 6th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-19 18:40:33 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-13 11:05:10 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-02-09 21:56:04 (4 months ago)	104.207.63.217 - - [09/Feb/2026:21:55:56 +0000] "GET /app/.env HTTP/1.1" 302 3410 "-" "Mozilla/5.0 ( ... show more 104.207.63.217 - - [09/Feb/2026:21:55:56 +0000] "GET /app/.env HTTP/1.1" 302 3410 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:22:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:22:34.476278 2026] [security2:error] [pid 1475677:tid 1475677] [client 104.207.63.217:32111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garciadomingo.com"] [uri "/config/.env"] [unique_id "aYpQGu-PqXvNVkWWIqhzjwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:23:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:23:45.456414 2026] [security2:error] [pid 27838:tid 27838] [client 104.207.63.217:42527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galysh.us"] [uri "/wp/.git/config"] [unique_id "aYpCUb0gNci-i_UkHGKNWQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:40:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:40:12.316086 2026] [security2:error] [pid 22492:tid 22492] [client 104.207.63.217:30865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gacstoday.com"] [uri "/api/.env"] [unique_id "aYo4HJaD8aWKPtPWovNUrQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:59:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:59:21.559878 2026] [security2:error] [pid 851247:tid 851247] [client 104.207.63.217:40443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furfriend-z.com"] [uri "/.env.local"] [unique_id "aYogeW2H_wLtLp2XxE9RpQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:41:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:41:01.898149 2026] [security2:error] [pid 17179:tid 17179] [client 104.207.63.217:53213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamepart.com"] [uri "/.git/config"] [unique_id "aYnV3dcx-XqnY7rHvsVtvQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:57:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:57:18.506384 2026] [security2:error] [pid 8767:tid 8767] [client 104.207.63.217:11321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fwa51.com"] [uri "/wp/.git/config"] [unique_id "aYmTXl3UZhmbjAsTSV2MOgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-28 20:12:11 (5 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇬🇧 SilverZippo	2025-12-02 00:40:45 (6 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-06 16:25:48 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 11:25:44.897810 2025] [security2:error] [pid 25558:tid 25558] [client 104.207.63.217:48831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oualierealty.com"] [uri "/.env"] [unique_id "aQzMCM4mQ0ttZP9V4pqWzgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-05 16:55:10 (7 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 on-com	2025-10-11 16:48:54 (8 months ago)	URL scan	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-09-27 23:32:29 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.203.163.10

🇺🇸 154.197.57.175

🇬🇧 194.50.235.141

🇺🇸 178.128.144.168

🇧🇬 151.237.115.208

🇳🇱 85.121.127.21

🇷🇺 72.56.1.39

🇩🇪 45.135.141.21

🇺🇸 23.251.114.139

🇲🇾 175.137.49.194

🇺🇸 154.197.57.161

🇨🇳 150.255.92.2

🇮🇳 125.23.183.138

🇱🇹 91.224.92.147

🇧🇬 79.124.40.110

🇺🇸 65.49.1.124

🇦🇺 35.244.119.77

🇹🇼 202.39.153.245

🇺🇸 154.197.57.136

🇮🇹 79.3.96.178