JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.96

104.207.63.96 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.96

Whois 104.207.63.96

IP Abuse Reports for 104.207.63.96:

This IP address has been reported a total of 127 times from 11 distinct sources. 104.207.63.96 was first reported on June 7th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-02-19 04:50:30 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /app/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2025-12-29 06:39:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:39:00.481988 2025] [security2:error] [pid 21535:tid 21535] [client 104.207.63.96:41009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emilybrass.com"] [uri "/.svn/wc.db"] [unique_id "aVIiBDzrenHBAQ9QZUqHtgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:03:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:03:39.777707 2025] [security2:error] [pid 4042:tid 4042] [client 104.207.63.96:25185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeremyscraig.com"] [uri "/.git/HEAD"] [unique_id "aS9wS19FlDWh6u2lFQdJywAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:07:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:07:48.908755 2025] [security2:error] [pid 6104:tid 6104] [client 104.207.63.96:31987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "instructionalvideotutorials.com"] [uri "/.git/HEAD"] [unique_id "aS9HFMQTLv78K6u90Le0LwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:22:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:22:41.484575 2025] [security2:error] [pid 21927:tid 21927] [client 104.207.63.96:53911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolinc.com"] [uri "/.env"] [unique_id "aS8EQah8wjkd6RgkHX3CzAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:28:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:28:37.371279 2025] [security2:error] [pid 11161:tid 11161] [client 104.207.63.96:22059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gavinnine.com"] [uri "/.svn/wc.db"] [unique_id "aS6jNQ7jJQPAK9dVSfcBogAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:14:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:14:00.201658 2025] [security2:error] [pid 15646:tid 15646] [client 104.207.63.96:9283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumpen.com"] [uri "/.svn/wc.db"] [unique_id "aS6RuCbsKJBnSDkgsRsqgQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:15:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:52.285167 2025] [security2:error] [pid 7679:tid 7679] [client 104.207.63.96:41201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stevenkloepfer.com"] [uri "/.git/HEAD"] [unique_id "aS52CLnC1IbCPCcDR62jxgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-02 00:50:29 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
Anonymous	2025-10-11 07:53:30 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 23:00:49 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 20:38:46 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.09 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 21:37:58 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.08 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-07 22:48:45 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.07 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-07 08:23:01 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1007::60

🇧🇪 198.235.24.230

🇧🇬 193.24.211.107

🇦🇱 185.80.226.88

🇧🇷 179.184.160.50

🇧🇷 147.93.37.13

🇭🇰 103.244.148.247

🇺🇸 50.190.89.138

🇩🇪 2.26.1.31

🇹🇼 198.235.24.83

🇨🇳 182.244.0.150

🇬🇧 81.19.219.224

🇺🇸 20.64.105.77

🇨🇳 219.133.101.236

🇪🇬 197.49.29.124

🇵🇭 136.158.63.152

🇹🇼 104.155.221.96

🇭🇰 101.36.122.129

🇵🇹 81.193.216.17

🇺🇸 52.14.230.240