JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.56

104.207.63.56 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.56

Whois 104.207.63.56

IP Abuse Reports for 104.207.63.56:

This IP address has been reported a total of 133 times from 18 distinct sources. 104.207.63.56 was first reported on June 11th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 FEWA	2026-05-29 16:37:11 (6 days ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇦🇺 oncord	2026-05-18 06:08:28 (2 weeks ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-05-15 14:32:36 (2 weeks ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇷🇴 INTEQ	2026-01-14 10:48:41 (4 months ago)	Web attack from 104.207.63.56	Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 02:39:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 21:39:52.048805 2026] [security2:error] [pid 352660:tid 352660] [client 104.207.63.56:57989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightupaustralia.com.au"] [uri "/.git/HEAD"] [unique_id "aWWweHclN8R-D8eWM85tmgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-01-07 18:42:43 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:18:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:18:04.042967 2025] [security2:error] [pid 23551:tid 23551] [client 104.207.63.56:34911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rnance.com"] [uri "/.git/HEAD"] [unique_id "aVAw7CRU7OXn5bZ2TWM28AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:25:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:25:14.012698 2025] [security2:error] [pid 30788:tid 30788] [client 104.207.63.56:49821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nbcnewsradio.com"] [uri "/.env"] [unique_id "aVAkigM2jGhQhNgacNDr3gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:17:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:17:30.220904 2025] [security2:error] [pid 28802:tid 28802] [client 104.207.63.56:9979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertsonfamily.com"] [uri "/.svn/wc.db"] [unique_id "aVAGmpN14Kej0l2XYufGBgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:18:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:18:03.819551 2025] [security2:error] [pid 15420:tid 15420] [client 104.207.63.56:23861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chadfishman.com"] [uri "/.env"] [unique_id "aS9lm2hqXGNGW7b1pJ9SlwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 21:18:52 (6 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:34:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:33:56.818960 2025] [security2:error] [pid 15108:tid 15108] [client 104.207.63.56:54705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daterapebook.com"] [uri "/.svn/wc.db"] [unique_id "aS8_JAlEYQ_vZOMC9kHTCwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 103.126.86.195

🇩🇪 69.5.169.191

🇦🇹 185.69.245.174

🇷🇺 178.178.222.55

🇺🇸 147.185.132.19

🇺🇸 147.185.132.18

🇰🇷 121.154.247.33

🇨🇳 119.96.193.72

🇧🇩 103.16.226.176

🇭🇰 45.78.22.106

🇺🇸 204.220.180.62

🇨🇳 183.221.0.223

🇨🇴 181.61.251.4

🇺🇸 165.154.173.20

🇮🇳 103.54.101.248

🇭🇰 101.36.106.78

🇺🇸 100.29.192.34

🇺🇸 72.211.142.41

🇸🇬 52.187.36.104

🇳🇱 45.148.10.141