JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.153

104.207.63.153 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.153

Whois 104.207.63.153

IP Abuse Reports for 104.207.63.153:

This IP address has been reported a total of 126 times from 14 distinct sources. 104.207.63.153 was first reported on June 4th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇱 Dolphi	2026-06-02 07:20:02 (3 days ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇺🇸 SiliSoftware	2026-05-26 02:32:16 (1 week ago)	/wp-includes/wlwmanifest.xml	Web App Attack
🇮🇹 [email protected]	2026-04-18 11:19:54 (1 month ago)	[Sat Apr 18 13:19:53.990896 2026] [authz_core:error] [pid 560721:tid 560764] [remote 104.207.63.153: ... show more [Sat Apr 18 13:19:53.990896 2026] [authz_core:error] [pid 560721:tid 560764] [remote 104.207.63.153:27885] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-10 01:39:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:38:56.468361 2025] [security2:error] [pid 27499:tid 27520] [client 104.207.63.153:32591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkdullit.com"] [uri "/.git/HEAD"] [unique_id "aTjPMHaP2llwEdoBJ3Py2QAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-09 22:15:14 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-12-07 13:03:29 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:03:20.932703 2025] [security2:error] [pid 7833:tid 7833] [client 104.207.63.153:47573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "empoweruohio.org"] [uri "/.git/HEAD"] [unique_id "aTV7GLnrryL9lD8xykJzXgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-06 22:59:45 (5 months ago)	Auto-ban: >3000 req/min op 2025-12-06	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-06 02:59:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:59:13.014941 2025] [security2:error] [pid 30829:tid 30841] [client 104.207.63.153:44377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doorways.info"] [uri "/.svn/wc.db"] [unique_id "aTOcAWFjWReQMe-m8QqJ9AAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:44:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:44:05.469008 2025] [security2:error] [pid 27795:tid 27795] [client 104.207.63.153:23957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starfishchristmascards.com"] [uri "/.svn/wc.db"] [unique_id "aTLhpS65_uhffUFIkCY5ZgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:18:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:17:57.549149 2025] [security2:error] [pid 30693:tid 30693] [client 104.207.63.153:59271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pghsea.com"] [uri "/.git/HEAD"] [unique_id "aTLbhYExmPkz_v3HNGJdSwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:18:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:18:20.322785 2025] [security2:error] [pid 1498:tid 1498] [client 104.207.63.153:26229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrusdetergents.com"] [uri "/.git/HEAD"] [unique_id "aTKVTKFOk1taVazjSCtwMwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:02:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:02:12.150437 2025] [security2:error] [pid 1774:tid 1774] [client 104.207.63.153:10517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davesastro.com"] [uri "/.svn/wc.db"] [unique_id "aTJLNPcH_SnzwPARdXw2YAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-30 14:33:28 (7 months ago)	WordPress Brute Force	Brute-Force
Anonymous	2025-10-19 12:05:30 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 103.78.1.33

🇳🇱 81.19.216.98

🇨🇳 183.202.208.201

🇺🇸 165.227.209.27

🇩🇪 91.217.249.2

🇷🇴 2.57.122.177

🇨🇦 209.235.136.138

🇧🇷 205.210.31.165

🇨🇳 121.20.130.253

🇳🇱 89.21.67.165

🇨🇳 223.109.252.227

🇳🇱 185.242.226.91

🇧🇬 83.147.241.138

🇨🇳 14.103.113.42

🇷🇺 213.183.120.56

🇮🇩 103.15.226.202

🇩🇪 80.152.156.228

🇧🇬 79.124.62.134

🇺🇸 69.126.144.30

🇺🇸 23.251.34.79