JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.138

104.207.63.138 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.138

Whois 104.207.63.138

IP Abuse Reports for 104.207.63.138:

This IP address has been reported a total of 124 times from 17 distinct sources. 104.207.63.138 was first reported on June 7th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:32 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 zumbo.net	2025-12-25 15:53:03 (5 months ago)	[Thu Dec 25 18:53:03.069127 2025] [proxy_fcgi:error] [pid 2943635:tid 2943643] [client 104.207.63.13 ... show more [Thu Dec 25 18:53:03.069127 2025] [proxy_fcgi:error] [pid 2943635:tid 2943643] [client 104.207.63.138:0] AH01071: Got error 'Primary script unknown' [Thu Dec 25 18:53:03.222995 2025] [proxy_fcgi:error] [pid 2827232:tid 2827286] [client 104.207.63.138:0] AH01071: Got error 'Primary script unknown', referer: http://pmcteknoloji.com/wp-login.php ... show less	Brute-Force Web App Attack
🇨🇭 backslash	2025-12-25 06:20:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2025-12-23 16:50:09 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-08 23:52:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:52:27.719110 2025] [security2:error] [pid 7527:tid 7531] [client 104.207.63.138:60417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aspencommission.com"] [uri "/.svn/wc.db"] [unique_id "aTdku56kC5m2Hn3pNrkCjwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 00:38:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 19:38:52.249662 2025] [security2:error] [pid 30452:tid 30466] [client 104.207.63.138:54215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomithai.com"] [uri "/.env"] [unique_id "aTYeHGE6hJRE7mLjS7TaSQAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 18:44:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 13:43:57.840470 2025] [security2:error] [pid 27048:tid 27048] [client 104.207.63.138:14081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamiltontruckingcompany.com"] [uri "/.git/HEAD"] [unique_id "aTXK7WnLBO2zjO_nNCrjyQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 16:26:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:26:44.842218 2025] [security2:error] [pid 25902:tid 25902] [client 104.207.63.138:28669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanjuangrange.org"] [uri "/.git/HEAD"] [unique_id "aTWqxNQxRbPVD1dcqIqQ1QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:50:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:50:11.560227 2025] [security2:error] [pid 15431:tid 15431] [client 104.207.63.138:56481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyber-matrix.org"] [uri "/.env"] [unique_id "aTV4A5j5t6JSwt4M42-gFgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:00:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:00:37.667800 2025] [security2:error] [pid 1472:tid 1472] [client 104.207.63.138:24189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bernescobar.com"] [uri "/.svn/wc.db"] [unique_id "aTMPtY-sKfu7BXSU7CSIGAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:40:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:40:09.317542 2025] [security2:error] [pid 17259:tid 17259] [client 104.207.63.138:58763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fatlandtheplay.com"] [uri "/.git/HEAD"] [unique_id "aTJUGbRmReldC0x9K4mmqgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oralunal	2025-10-27 12:52:02 (7 months ago)	IP banned by Fail2Ban in jail sshd auth.log mvfnds ...	SSH
🇩🇪 cloudmax	2025-10-27 12:22:36 (7 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
🇫🇷 Phenix Info	2025-10-27 04:51:15 (7 months ago)	SSH Login failed	Brute-Force SSH
Anonymous	2025-04-07 05:54:07 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 101.58.112.120

🇺🇸 205.210.31.82

🇦🇷 181.167.144.229

🇿🇦 165.165.111.192

🇯🇵 165.154.231.236

🇺🇸 64.62.156.39

🇯🇵 54.248.17.61

🇪🇬 41.234.149.236

🇺🇸 35.231.22.159

🇺🇸 20.168.121.152

🇺🇸 18.191.175.252

🇺🇸 13.89.125.20

🇩🇪 5.182.207.245

🇺🇸 216.180.246.239

🇩🇪 192.109.200.220

🇬🇧 188.240.59.6

🇺🇸 147.185.132.194

🇳🇱 89.125.56.145

🇮🇹 88.147.30.59

🇨🇦 85.217.149.67