JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.222

104.207.63.222 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.222

Whois 104.207.63.222

IP Abuse Reports for 104.207.63.222:

This IP address has been reported a total of 132 times from 17 distinct sources. 104.207.63.222 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-26 07:50:32 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇵🇱 sefinek.net	2025-12-15 13:10:00 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-12-02 20:24:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:24:04.157008 2025] [security2:error] [pid 26263:tid 26263] [client 104.207.63.222:17095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seebeexee.com"] [uri "/.git/HEAD"] [unique_id "aS9K5MIXm_dCLx7mKdnqFwAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 03:58:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 22:58:46.595129 2025] [security2:error] [pid 30015:tid 30015] [client 104.207.63.222:32093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qed-consulting.co"] [uri "/.svn/wc.db"] [unique_id "aS5j9nS5amKZVAog3mEDJQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 13:49:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 08:49:22.310134 2025] [security2:error] [pid 2059:tid 2059] [client 104.207.63.222:26861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.marisetravel.com"] [uri "/.env"] [unique_id "aShW4nKqs6dB9uT-OsaJqAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 16:30:50 (6 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 06:43:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:43:00.814631 2025] [security2:error] [pid 23983:tid 23983] [client 104.207.63.222:39143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.paleopathologist.com"] [uri "/.env"] [unique_id "aSVP9IHAjahm39fQkq88AAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:05:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:05:36.697892 2025] [security2:error] [pid 1817000:tid 1817025] [client 104.207.63.222:32463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "versosversusversos.wizart.org"] [uri "/.svn/wc.db"] [unique_id "aSVHMJiXM9qjzOaPIgRLdwAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:49:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:49:49.051661 2025] [security2:error] [pid 20064:tid 20064] [client 104.207.63.222:34995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jimpaddywilliams.org"] [uri "/.svn/wc.db"] [unique_id "aSVDfX78V-7i8c_bIKH-5QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:32:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:32:23.294996 2025] [security2:error] [pid 22897:tid 22897] [client 104.207.63.222:34557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.northmyrtlebeachcondos.com"] [uri "/.svn/wc.db"] [unique_id "aSU_Zyo3bQCI-66NyexnRQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:15:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:15:32.285830 2025] [security2:error] [pid 10619:tid 10698] [client 104.207.63.222:27219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.coldwave.net"] [uri "/.git/HEAD"] [unique_id "aSU7dAXcnVrJOg7V-2J8qwAAAQI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:07:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:07:50.901017 2025] [security2:error] [pid 7646:tid 7646] [client 104.207.63.222:35727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dragonflytunes.com"] [uri "/.env"] [unique_id "aSUBZiT5VbARC5fVLTwr3wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:49:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:49:15.568512 2025] [security2:error] [pid 17261:tid 17261] [client 104.207.63.222:17081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.taxgroupsd.com"] [uri "/.git/HEAD"] [unique_id "aST9C_5QICQBLlEA5IzJiAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 00:10:07 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇷 212.251.0.147

🇮🇳 14.140.218.210

🇺🇿 5.133.121.104

🇻🇳 222.252.95.9

🇺🇦 176.103.25.235

🇳🇱 176.65.148.38

🇭🇰 165.154.41.182

🇮🇳 160.250.225.19

🇸🇬 128.199.175.30

🇵🇭 112.201.193.34

🇷🇴 80.94.92.187

🇳🇱 77.83.39.154

🇺🇸 66.132.186.244

🇺🇸 65.49.1.23

🇺🇸 8.229.22.47

🇺🇸 5.78.205.169

🇷🇴 193.32.162.206

🇧🇷 177.38.84.241

🇮🇱 5.29.135.63

🇨🇳 219.151.22.113