JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.80

104.207.63.80 was found in our database!

This IP was reported 183 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.80

Whois 104.207.63.80

IP Abuse Reports for 104.207.63.80:

This IP address has been reported a total of 183 times from 32 distinct sources. 104.207.63.80 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-14 20:56:30 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-56.104.207.63.80.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-56.104.207.63.80.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-14 00:27:36 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-27.104.207.63.80.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-27.104.207.63.80.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-04 22:47:14 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-47.104.207.63.80.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-47.104.207.63.80.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 oncord	2026-02-22 05:10:55 (3 months ago)	Form spam	Web Spam
Anonymous	2026-02-20 15:32:08 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:41:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:41:04.488240 2026] [security2:error] [pid 26729:tid 26729] [client 104.207.63.80:64255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindbodyrestored.com"] [uri "/.env.production"] [unique_id "aY8p8CkZbBExQ6BPP1QyugAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 13:02:30 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-13 06:10:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:10:38.569155 2026] [security2:error] [pid 2713555:tid 2713555] [client 104.207.63.80:19405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/frontend/.env"] [unique_id "aY7AXo2HVano4WeORXWjhAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:57:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:57:52.980987 2026] [security2:error] [pid 29697:tid 29697] [client 104.207.63.80:16597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "major33.com"] [uri "/dev/.git/config"] [unique_id "aY6FIMSFiY4SWIdulePkXQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-13 01:14:08 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:13:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:13:52.146629 2026] [security2:error] [pid 1718860:tid 1718890] [client 104.207.63.80:54535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/admin/.env"] [unique_id "aY560N361X8i7nDm3g1EbAAAAJg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:04:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:04:31.089952 2026] [security2:error] [pid 8481:tid 8481] [client 104.207.63.80:17049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drbolen.com"] [uri "/.env"] [unique_id "aY4WL0JqWPlm44V623eUlAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:45:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:45:18.400327 2026] [security2:error] [pid 31490:tid 31490] [client 104.207.63.80:58167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digitalplanner.xyz"] [uri "/.env"] [unique_id "aY4Rru2zCcNo7-YapFwRjwAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:58:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:58:14.195962 2026] [security2:error] [pid 17602:tid 17602] [client 104.207.63.80:57889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creekside.biz"] [uri "/.env"] [unique_id "aY4Gpi6hB3bhrzVdkUp70QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 183 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 104.208.108.166

🇨🇿 213.226.222.173

🇨🇱 190.46.77.254

🇺🇸 185.180.141.2

🇨🇳 183.56.216.153

🇺🇸 167.89.80.88

🇨🇳 114.217.53.40

🇷🇺 109.173.39.103

🇺🇸 66.132.186.200

🇺🇸 47.251.170.102

🇺🇸 34.228.104.231

🇺🇸 2604:a880:400:d1:0:4:8c06:e001

🇻🇳 221.132.3.71

🇺🇸 216.218.206.67

🇧🇪 207.175.10.180

🇺🇸 162.216.150.92

🇺🇸 162.216.149.89

🇫🇮 147.185.133.191

🇺🇸 135.222.40.117

🇮🇳 106.219.145.71