JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.219

104.207.63.219 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.219

Whois 104.207.63.219

IP Abuse Reports for 104.207.63.219:

This IP address has been reported a total of 124 times from 16 distinct sources. 104.207.63.219 was first reported on June 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 10:38:43 (2 weeks ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 02:32:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:32:07.791746 2026] [security2:error] [pid 21642:tid 21642] [client 104.207.63.219:61221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rentaroller.com.au"] [uri "/.env.production"] [unique_id "aZUkp0gH-pUMdbjQMr3R5QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 01:06:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 20:06:09.684196 2026] [security2:error] [pid 20861:tid 20861] [client 104.207.63.219:52525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "radiointernational.net"] [uri "/api/.git/config"] [unique_id "aZUQgXj9YSI8eYOQqMCOdwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-01-13 00:12:37 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 juguemosalacarioca.com	2025-12-30 14:13:30 (5 months ago)	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	Web App Attack
🇦🇺 MAGIC	2025-12-20 02:02:13 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-11 00:48:01 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-12-02 07:36:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:36:56.687233 2025] [security2:error] [pid 2596:tid 2596] [client 104.207.63.219:25859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forgottenvictims.com"] [uri "/.env"] [unique_id "aS6XGNNtZTEhABj16GE-FQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 01:14:06 (6 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:58:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:58:01.018554 2025] [security2:error] [pid 9960:tid 9960] [client 104.207.63.219:57063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bencramer.org"] [uri "/.svn/wc.db"] [unique_id "aSaI2VIyKyQqpfCUfCYkyQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:58:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:58:39.384029 2025] [security2:error] [pid 4069:tid 4069] [client 104.207.63.219:44333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "water.ic1.biz"] [uri "/.git/HEAD"] [unique_id "aSZez_KSNEYlxZmqzKgGwAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-19 19:25:37 (7 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-12 21:14:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 16:13:57.534521 2025] [security2:error] [pid 962:tid 962] [client 104.207.63.219:43865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.scottcampbellconstruction.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRT4lZj5ZyxmzyER7N2AygAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2025-11-01 10:47:22 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:332::174

🇨🇳 220.181.108.102

🇬🇧 193.163.125.96

🇨🇳 183.192.223.215

🇳🇱 176.65.148.142

🇳🇱 91.92.40.13

🇳🇱 91.92.40.7

🇫🇷 88.161.209.155

🇧🇷 45.7.212.3

🇬🇧 35.203.210.165

🇹🇭 202.29.228.248

🇨🇦 192.249.132.101

🇲🇾 180.73.66.46

🇭🇰 114.111.52.109

🇺🇸 104.28.233.73

🇮🇩 103.165.206.238

🇳🇱 91.92.40.204

🇸🇬 47.79.51.5

🇺🇸 172.253.198.145

🇵🇰 103.26.86.81