JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.39

104.207.63.39 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.39

Whois 104.207.63.39

IP Abuse Reports for 104.207.63.39:

This IP address has been reported a total of 145 times from 19 distinct sources. 104.207.63.39 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-05-30 03:38:15 (1 week ago)	Fail2Ban banned 104.207.63.39 for security violations in jail wp-armour. Log: 2026/05/30 03:38:14 [e ... show more Fail2Ban banned 104.207.63.39 for security violations in jail wp-armour. Log: 2026/05/30 03:38:14 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.63.39 \| Target: wplogin" , client: 104.207.63.39, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 mrcrassi	2026-05-28 23:58:27 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:119.0) Gecko/20100101 Firefox/119.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇲🇽 octageeks.com	2026-05-24 04:13:14 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇦🇺 oncord	2026-04-12 20:27:39 (1 month ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-04-10 19:46:05 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-46.104.207.63.39.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-46.104.207.63.39.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2026-02-23 06:10:28 (3 months ago)	Form spam	Web Spam
🇦🇺 2000cn.com.au	2026-02-11 21:05:01 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:55:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:55:09.540358 2026] [security2:error] [pid 17112:tid 17112] [client 104.207.63.39:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/.env.staging"] [unique_id "aYtU3WM7g7LUdc3qgwCQlgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:21:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:20:51.687262 2026] [security2:error] [pid 26503:tid 26503] [client 104.207.63.39:59585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maerynray.com"] [uri "/dev/.git/config"] [unique_id "aYqkE_GqpfIrxfJjJq1GowAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:02:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:02:15.332575 2026] [security2:error] [pid 18637:tid 18637] [client 104.207.63.39:45621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-spose.com"] [uri "/api/.git/config"] [unique_id "aYqftxtaMAPxaiWZ3h7_WAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:23:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:23:26.090227 2026] [security2:error] [pid 13231:tid 13244] [client 104.207.63.39:37805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/backend/.env"] [unique_id "aYqWngoQP8esBx9Kr0f70QAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:21:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:21:32.002289 2026] [security2:error] [pid 18352:tid 18352] [client 104.207.63.39:19137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/test/.git/config"] [unique_id "aYqIHBwa5ASPvn7KYHPuYQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:54:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:54:24.182810 2026] [security2:error] [pid 16661:tid 16661] [client 104.207.63.39:30697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenmalone.com"] [uri "/.env.staging"] [unique_id "aYpzsPoynNP3HvWRGg8IZAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:11:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:10:42.153033 2026] [security2:error] [pid 1663:tid 1663] [client 104.207.63.39:59683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hppagewideflorida.com"] [uri "/admin/.env"] [unique_id "aYppcjzvzTKJNdXNKVEUKQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:34:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:34:26.564325 2026] [security2:error] [pid 19337:tid 19343] [client 104.207.63.39:34765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honeyled.com"] [uri "/.env.local"] [unique_id "aYpE0h9XhWz9IoldCWneQgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.78.185

🇬🇧 213.166.84.42

🇺🇬 196.0.120.211

🇬🇧 194.50.235.138

🇮🇷 188.0.240.22

🇺🇸 144.172.100.186

🇨🇳 121.41.167.7

🇩🇪 95.91.232.214

🇬🇧 81.19.219.200

🇺🇸 66.132.186.236

🇦🇺 40.82.214.8

🇺🇸 2604:a880:400:d1:0:4:8c08:f001

🇬🇧 217.138.47.118

🇺🇸 205.210.31.71

🇬🇧 195.206.182.207

🇨🇳 182.124.180.170

🇮🇳 182.95.223.46

🇨🇳 180.153.236.14

🇳🇱 176.65.148.58

🇨🇦 159.203.25.248