JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.89

104.207.63.89 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.89

Whois 104.207.63.89

IP Abuse Reports for 104.207.63.89:

This IP address has been reported a total of 132 times from 14 distinct sources. 104.207.63.89 was first reported on June 4th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-05 20:21:03 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-31 00:42:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 19:41:57.888717 2025] [security2:error] [pid 7015:tid 7015] [client 104.207.63.89:34807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.patrickodougherty.com"] [uri "/.env"] [unique_id "aVRxVUGwqR8sgGs5mrXj-AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:48 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 06:51:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:50:57.926916 2025] [security2:error] [pid 2644682:tid 2644687] [client 104.207.63.89:45065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "securitymediaservices.com"] [uri "/.git/HEAD"] [unique_id "aVIk0YbE9pXjh74wbNaJmgAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:35:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:35:08.193417 2025] [security2:error] [pid 31936:tid 31936] [client 104.207.63.89:49827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "recetabook.com"] [uri "/.svn/wc.db"] [unique_id "aVIhHIuL-RFoSUtigyI-HgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-11 01:17:56 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-07 16:57:22 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:57:16.802131 2025] [security2:error] [pid 22188:tid 22197] [client 104.207.63.89:12619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greaternorthmiamihistory.org"] [uri "/.svn/wc.db"] [unique_id "aTWx7Kmlk_cAMfxZBLqS0QAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:21:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:21:35.429956 2025] [security2:error] [pid 2969:tid 2969] [client 104.207.63.89:40999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thefitzgeralds.org"] [uri "/.env"] [unique_id "aTWbf7ol_76DTxXdA-8gvwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-07 13:19:30 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:26:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:26:29.015122 2025] [security2:error] [pid 17765:tid 17765] [client 104.207.63.89:51953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bletnslb.org"] [uri "/.svn/wc.db"] [unique_id "aTVydc5Mq_3IzB0vQpFWzQAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:08:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:08:18.476093 2025] [security2:error] [pid 25390:tid 25390] [client 104.207.63.89:41507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adona.org"] [uri "/.git/HEAD"] [unique_id "aTVuMiX-ME54VDvFzrCf9gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:17:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:16:59.657027 2025] [security2:error] [pid 19786:tid 19786] [client 104.207.63.89:32939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swetzer.net"] [uri "/.env"] [unique_id "aTQQq_9LIhT4VltFiH_xDgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 10:44:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 05:44:23.869487 2025] [security2:error] [pid 6837:tid 6837] [client 104.207.63.89:60113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiestadj.com.mx"] [uri "/.git/HEAD"] [unique_id "aTQJB5rT3upg3uInPZE0ZgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 03:45:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:44:58.271857 2025] [security2:error] [pid 14279:tid 14372] [client 104.207.63.89:36885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebiglies.info"] [uri "/.git/HEAD"] [unique_id "aTOmupBCYUk7iu0StZRFJgAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 02:54:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:54:53.954792 2025] [security2:error] [pid 12717:tid 12717] [client 104.207.63.89:27129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cypraea.info"] [uri "/.svn/wc.db"] [unique_id "aTOa_THmi_FscDhmO9porQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 171.114.230.8

🇺🇸 147.185.132.156

🇫🇷 85.217.140.15

🇺🇸 64.62.156.219

🇳🇱 45.148.10.121

🇹🇭 203.154.158.195

🇧🇷 191.253.114.218

🇲🇽 186.96.145.241

🇳🇱 185.226.197.52

🇭🇰 168.70.97.109

🇵🇰 139.135.40.121

🇺🇸 135.237.125.146

🇨🇳 116.169.232.24

🇺🇸 47.251.55.135

🇯🇵 43.163.242.6

🇿🇦 196.192.181.202

🇺🇸 107.170.14.204

🇻🇳 103.200.22.140

🇸🇪 90.231.80.167

🇺🇸 65.49.20.71