JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.35

104.207.63.35 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.35

Whois 104.207.63.35

IP Abuse Reports for 104.207.63.35:

This IP address has been reported a total of 141 times from 22 distinct sources. 104.207.63.35 was first reported on June 6th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 20:22:46 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-03-16 20:17:52 (2 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 DocNetzwerk	2026-02-13 02:52:10 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.63.35 (FR/France/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-13 02:17:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:17:22.533182 2026] [security2:error] [pid 11198:tid 11330] [client 104.207.63.35:30891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keetons.net"] [uri "/.env"] [unique_id "aY6JsmN5WYbQMelVTp6V1wAAAog"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:57:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:57:12.584945 2026] [security2:error] [pid 29266:tid 29266] [client 104.207.63.35:26997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kbalan.com"] [uri "/admin/.env"] [unique_id "aY6E-P-LGZw-3LZmxkbnHwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 01:25:34 (3 months ago)	Blocking for trying to access an exploit file: /api/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-12 15:42:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:42:40.790162 2026] [security2:error] [pid 28382:tid 28382] [client 104.207.63.35:48285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bewdleypizza.com"] [uri "/.git/config"] [unique_id "aY308HbZ9g5YD12BTAJgGgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-11 22:59:16 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-11	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-11 10:43:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 05:43:25.077613 2026] [security2:error] [pid 17134:tid 17134] [client 104.207.63.35:28223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brent23.com"] [uri "/new/.git/config"] [unique_id "aYxdTcr924IvKUQeT9JfbAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 05:22:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 00:22:15.700587 2026] [security2:error] [pid 18264:tid 18264] [client 104.207.63.35:17803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "correlationdesign.com"] [uri "/v2/.git/config"] [unique_id "aYwSB2-7FDFFshPRHNYRfwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 03:06:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 22:06:40.837184 2026] [security2:error] [pid 1183:tid 1183] [client 104.207.63.35:63793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coretherapyassoc.com"] [uri "/.env.local"] [unique_id "aYvyQAgeg0M1yARI1d3FdgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:18:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:18:30.164850 2026] [security2:error] [pid 31979:tid 31979] [client 104.207.63.35:32791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easyhousecash.com"] [uri "/app/.git/config"] [unique_id "aYtMRmfjLQakZMXxKXvHzgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-10 06:12:23 (3 months ago)	http-sensitive-files - IP: 104.207.63.35 - time="2026-02-10T07:12:23+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.63.35 - time="2026-02-10T07:12:23+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.63.35 (FR/200373) : 4h ban on Ip 104.207.63.35" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:34:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:34:01.425354 2026] [security2:error] [pid 12622:tid 12622] [client 104.207.63.35:13339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geceindia.com"] [uri "/.git/config"] [unique_id "aYp8-ZBdU-lcaRB2CSWE6AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2026-01-02 14:34:01 (5 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 220.246.47.145

🇯🇴 213.139.63.84

🇭🇰 152.32.132.28

🇮🇪 54.195.132.73

🇲🇺 197.225.146.23

🇪🇹 196.189.124.229

🇻🇳 171.231.196.85

🇺🇸 162.216.149.46

🇦🇺 124.168.23.112

🇳🇵 103.167.229.221

🇬🇧 2a06:4880:6000::82

🇨🇳 218.17.239.204

🇧🇪 198.235.24.155

🇻🇳 183.81.86.112

🇳🇱 176.65.149.139

🇻🇳 116.110.152.72

🇨🇦 96.20.115.53

🇮🇹 83.224.174.171

🇺🇸 54.165.169.15

🇺🇸 47.254.122.67