JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.57

104.207.63.57 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.57

Whois 104.207.63.57

IP Abuse Reports for 104.207.63.57:

This IP address has been reported a total of 150 times from 21 distinct sources. 104.207.63.57 was first reported on June 22nd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-02-19 05:00:11 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.63.57 (FR/France/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.63.57 (FR/France/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:28:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:28:55.953384 2026] [security2:error] [pid 28652:tid 28652] [client 104.207.63.57:64397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmichaelbabcock.com"] [uri "/frontend/.env"] [unique_id "aZaRh0I9onwqpU1m18fhlQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:15:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:15:33.511023 2026] [security2:error] [pid 8153:tid 8153] [client 104.207.63.57:13763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/config/.env"] [unique_id "aZaAVQFJAhBKM1XvYcYI2wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:35:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:35:12.328702 2026] [security2:error] [pid 21150:tid 21150] [client 104.207.63.57:48707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/dev/.git/config"] [unique_id "aZZ24K09wSD0KQXzKU1CEgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 21:26:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 16:26:01.039406 2026] [security2:error] [pid 32022:tid 32022] [client 104.207.63.57:57451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tytiannasanderson.com"] [uri "/site/.git/config"] [unique_id "aZYuaYuiG3W6trbri1EeAQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-18 19:07:22 (3 months ago)	http-sensitive-files - IP: 104.207.63.57 - time="2026-02-18T20:07:22+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.63.57 - time="2026-02-18T20:07:22+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.63.57 (FR/200373) : 4h ban on Ip 104.207.63.57" module=db show less	Web App Attack
🇩🇪 iNetWorker	2026-02-18 13:30:19 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:05:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:05:46.066792 2026] [security2:error] [pid 16986:tid 16986] [client 104.207.63.57:54533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watongalodging.com"] [uri "/.env"] [unique_id "aZWrGrig8z0xKSEMu-PvzQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:45:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:45:06.088803 2026] [security2:error] [pid 27385:tid 27385] [client 104.207.63.57:21623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toberoocrafts.com"] [uri "/app/.env"] [unique_id "aZG_0vflSXW1qno2LErAowAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:13:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:13:22.853864 2026] [security2:error] [pid 12019:tid 12019] [client 104.207.63.57:11113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "syriahabailey.com"] [uri "/admin/.git/config"] [unique_id "aZFkAtZbBS_bOjD4FxA2LAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:07:07 (3 months ago)	Too many Status 40X (11) Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:52:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:52:40.138587 2026] [security2:error] [pid 8181:tid 8181] [client 104.207.63.57:57557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suffolksystems.com"] [uri "/.env"] [unique_id "aZFRGAQ7FvWLOUAI73-UJQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:57:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:57:09.118302 2026] [security2:error] [pid 18823:tid 18823] [client 104.207.63.57:14053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stinecapital.net"] [uri "/site/.git/config"] [unique_id "aZFEFZju514a8a9jLxEGgwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:38:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:37:56.599486 2026] [security2:error] [pid 16629:tid 16654] [client 104.207.63.57:39823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n30ew.com"] [uri "/site/.git/config"] [unique_id "aZExhI0dBptQCLod9Kq9uQAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:19:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:18:59.196290 2026] [security2:error] [pid 13649:tid 13649] [client 104.207.63.57:33687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mumawvickers.com"] [uri "/.env.save"] [unique_id "aZEfA-RMEtajmwqHRrZ6WgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 206.0.187.62

🇮🇳 205.254.166.123

🇧🇷 177.39.120.200

🇺🇸 162.216.150.131

🇺🇸 72.253.251.7

🇺🇸 34.86.112.56

🇺🇸 2a03:2880:15ff:42::

🇮🇩 2001:448a:70ae:584d:c8a1:5606:4ca8:7198

🇺🇸 205.210.31.72

🇨🇳 203.2.115.107

🇱🇹 194.165.16.166

🇸🇬 178.128.51.84

🇮🇳 152.32.158.69

🇩🇪 151.243.11.248

🇫🇮 147.185.133.145

🇹🇼 106.1.179.116

🇭🇰 101.79.167.192

🇺🇸 66.132.224.56

🇸🇬 47.236.50.40

🇬🇧 45.82.76.112