JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.16

104.207.63.16 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.16

Whois 104.207.63.16

IP Abuse Reports for 104.207.63.16:

This IP address has been reported a total of 90 times from 18 distinct sources. 104.207.63.16 was first reported on June 3rd 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 i-turnradio.nl	2026-06-11 13:43:39 (4 days ago)	2026-06-11 @ 15:43:39 (CET) ~ Blocked for trying to access: /wp-login.php	Web App Attack
🇱🇻 garmtech.com	2026-03-09 01:09:10 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-01-05 18:34:19 (5 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-12-29 05:37:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:27.075259 2025] [security2:error] [pid 15175:tid 15175] [client 104.207.63.16:13411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blfmarine.com"] [uri "/.svn/wc.db"] [unique_id "aVITlxWzdUtzEZyzT3TdXgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-23 19:25:41 (5 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-12-12 16:28:01 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 09:23:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:23:05.310514 2025] [security2:error] [pid 7503:tid 7503] [client 104.207.63.16:22233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.leesrentalcompany.com"] [uri "/.env"] [unique_id "aSQj-QLe9F46pK8OwYJyTwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:44:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:44:35.954990 2025] [security2:error] [pid 30711:tid 30711] [client 104.207.63.16:51717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springbrookconstruction.mordesign1.com"] [uri "/.git/HEAD"] [unique_id "aSQM47K9A-AyfhrUOPyPbAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:46:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:45:13.559995 2025] [security2:error] [pid 3424:tid 3424] [client 104.207.63.16:59953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lighthousechristmascards.com"] [uri "/.git/HEAD"] [unique_id "aSPw6dtehdP3OGeWf9e6VQAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:52:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:52:39.547869 2025] [security2:error] [pid 21409:tid 21409] [client 104.207.63.16:9421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.savingshvac.com"] [uri "/.git/HEAD"] [unique_id "aSPklzhSyfsUovk2B5ehKgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-11-05 03:02:05 (7 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 xmission.com	2025-11-01 08:58:36 (7 months ago)	104.207.63.16 - - [01/Nov/2025:02:58:36 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5. ... show more 104.207.63.16 - - [01/Nov/2025:02:58:36 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" ... show less	Brute-Force
Anonymous	2025-10-27 10:02:55 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-10-26 19:16:54 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-admin/ - User Agent: N/A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-admin/ - User Agent: N/A - Timestamp: 10/26/2025 7:16 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-26 12:16:35 (7 months ago)	WP Admin Scan Activities	Web App Attack

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 110.164.193.196

🇺🇸 205.210.31.108

🇫🇷 185.137.122.108

🇳🇱 176.65.148.158

🇳🇱 158.94.211.16

🇮🇳 103.160.153.42

🇻🇳 103.75.182.132

🇺🇸 67.211.219.187

🇰🇷 59.21.37.60

🇳🇱 45.148.10.157

🇺🇸 45.33.78.24

🇨🇦 35.203.98.37

🇮🇩 34.50.106.33

🇰🇿 31.132.90.3

🇰🇷 222.239.251.12

🇳🇱 176.65.148.197

🇨🇳 121.43.134.236

🇺🇸 91.230.168.133

🇩🇪 69.5.169.248

🇧🇷 43.164.195.69