JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.63

104.207.58.63 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.63

Whois 104.207.58.63

IP Abuse Reports for 104.207.58.63:

This IP address has been reported a total of 131 times from 16 distinct sources. 104.207.58.63 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 06:18:19 (1 week ago)	(wordpress) Failed wordpress login from 104.207.58.63 (TH/Thailand/-)	Brute-Force
🇩🇪 4server	2026-05-13 03:12:30 (3 weeks ago)	[WedMay1305:12:23.8665262026][security2:error][pid1021121:tid1021230][client104.207.58.63:0]ModSecur ... show more [WedMay1305:12:23.8665262026][security2:error][pid1021121:tid1021230][client104.207.58.63:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"www.monteco-suisse.ch.136-243-54-122.cpanel.site\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"agPsF6GlBFcg6IWMExnlfgAAANY\"] show less	Port Scan Brute-Force Web App Attack
🇪🇸 librebit	2026-03-13 05:23:25 (2 months ago)	Brute force	Brute-Force
🇳🇱 homeshowdomain.nl	2026-03-02 22:59:06 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
🇫🇷 Security_Whaller	2026-02-28 14:29:58 (3 months ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:56 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 12:51:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 07:50:55.366409 2025] [security2:error] [pid 1885:tid 1885] [client 104.207.58.63:43557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cassialifesci.com"] [uri "/.git/HEAD"] [unique_id "aTlsr5SsDWjSEtK3bcmpTgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-12-08 08:59:19 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.58.63 (TH/Thailand/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.58.63 (TH/Thailand/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 07:55:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 02:55:44.945089 2025] [security2:error] [pid 8947:tid 8989] [client 104.207.58.63:23587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coloradospringsmohs.com"] [uri "/.git/HEAD"] [unique_id "aTaEgFOXRoWzqdX3ccZXwgAAAcw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:18:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:18:48.896628 2025] [security2:error] [pid 11509:tid 11509] [client 104.207.58.63:49573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tallahasseepartybuses.com"] [uri "/.env"] [unique_id "aTL32BW6gwcBHkYCU9QjJAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:14:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:13:56.634700 2025] [security2:error] [pid 11239:tid 11239] [client 104.207.58.63:48353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "derekvantreese.com"] [uri "/.git/HEAD"] [unique_id "aTLalH4AH2Q9OkYnQ7mGmgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:47:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:47:06.838426 2025] [security2:error] [pid 26373:tid 26373] [client 104.207.58.63:38319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelkivisto.com"] [uri "/.svn/wc.db"] [unique_id "aTLGOovm-BdpDIhMvSU-JAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:34:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:34:45.806279 2025] [security2:error] [pid 31088:tid 31092] [client 104.207.58.63:56459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joeandlane.com"] [uri "/.git/HEAD"] [unique_id "aTK1RYB50pICYId1kcUahQAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:08:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:08:07.629697 2025] [security2:error] [pid 30184:tid 30184] [client 104.207.58.63:21109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autumn-kennedy.com"] [uri "/.git/HEAD"] [unique_id "aTKvB1Rw-O3uv42gwWbT0wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:18:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:18:31.526804 2025] [security2:error] [pid 31348:tid 31348] [client 104.207.58.63:54759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "denverrealestateadvice.com"] [uri "/.svn/wc.db"] [unique_id "aTJ5Ny_sptf0uh-KNKK2VQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.107.25.233

🇳🇱 45.148.10.151

🇺🇸 36.255.215.27

🇮🇶 194.31.220.229

🇺🇸 150.107.38.251

🇺🇸 147.185.132.27

🇧🇷 138.255.207.113

🇱🇦 115.84.114.157

🇰🇷 106.247.22.181

🇹🇷 95.70.185.105

🇺🇸 65.49.1.75

🇨🇳 58.211.39.86

🇺🇸 3.144.153.69

🇺🇸 162.216.149.181

🇺🇸 162.142.125.0

🇦🇷 143.202.96.250

🇪🇪 109.206.241.199

🇮🇩 103.180.165.117

🇷🇴 92.118.39.62

🇺🇸 66.132.195.18