JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.81

104.207.63.81 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.81

Whois 104.207.63.81

IP Abuse Reports for 104.207.63.81:

This IP address has been reported a total of 130 times from 15 distinct sources. 104.207.63.81 was first reported on June 6th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Genhost	2026-05-06 17:46:02 (4 weeks ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇺🇸 mnsf	2026-02-13 14:07:07 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-13 13:51:17 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-02-13 13:00:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:00:30.235242 2026] [security2:error] [pid 28673:tid 28673] [client 104.207.63.81:36665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mightyhoop.com"] [uri "/.env.staging"] [unique_id "aY8gbrL86FYuw_dJAiXbVwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:00:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:00:13.001818 2026] [security2:error] [pid 24428:tid 24428] [client 104.207.63.81:14483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meltonspace.com"] [uri "/.env.production"] [unique_id "aY7aDeHV6wDzLvHqTXY3oQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 0x44	2026-02-13 07:13:53 (3 months ago)	104.207.63.81 [13/Feb/2026] * Spam host detected, probing for vulnerabilities	Web Spam Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:42:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:42:10.906213 2026] [security2:error] [pid 3190:tid 3216] [client 104.207.63.81:62419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.info"] [uri "/v2/.git/config"] [unique_id "aY6dkvb4CmTCRsawBB7GwgAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:07:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:07:22.534204 2026] [security2:error] [pid 32571:tid 32571] [client 104.207.63.81:46835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madronabluff.com"] [uri "/admin/.env"] [unique_id "aY55SmCgUPubitE527r0iQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:47:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:47:06.599534 2026] [security2:error] [pid 22196:tid 22196] [client 104.207.63.81:13269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deharrisassoc.com"] [uri "/.git/config"] [unique_id "aY31-ip3uSc5YE_0UlaJcQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:05:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:05:23.782008 2026] [security2:error] [pid 1269766:tid 1269766] [client 104.207.63.81:43423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "controvac.com"] [uri "/.git/config"] [unique_id "aY3sMzOHOmo0VM1dBtJ5EgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:11:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:11:05.899026 2026] [security2:error] [pid 15854:tid 15854] [client 104.207.63.81:43781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyandthegroove.com"] [uri "/site/.git/config"] [unique_id "aY0MiYLP3SG_Bsnqy57sTgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 05:05:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 00:05:08.588229 2026] [security2:error] [pid 7994:tid 7994] [client 104.207.63.81:31573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fydelitybags.com"] [uri "/app/.env"] [unique_id "aYwOBJkHvVyQieBET5ZVcwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-02-11 03:57:06 (3 months ago)	GET /app/.git/config HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 02:16:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 21:16:01.947736 2026] [security2:error] [pid 21912:tid 21912] [client 104.207.63.81:37479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futurbike.it"] [uri "/backend/.env"] [unique_id "aYvmYa9DZuK68Sq37geTqAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:31:27 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 195.178.191.5

🇵🇰 160.191.208.199

🇺🇸 144.172.110.181

🇮🇳 122.176.45.238

🇺🇸 107.175.52.232

🇸🇪 104.243.193.96

🇬🇧 87.236.176.109

🇺🇸 66.132.186.201

🇬🇧 35.203.211.250

🇰🇷 222.232.176.7

🇺🇸 165.154.254.143

🇮🇳 115.241.83.2

🇺🇸 162.216.149.151

🇯🇵 160.251.233.37

🇬🇭 102.223.92.101

🇮🇶 65.20.143.45

🇱🇹 62.60.130.31

🇭🇰 199.45.154.180

🇨🇳 114.230.243.62

🇭🇰 101.36.111.86