JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.63.75

104.207.63.75 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.63.75

Whois 104.207.63.75

IP Abuse Reports for 104.207.63.75:

This IP address has been reported a total of 128 times from 16 distinct sources. 104.207.63.75 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-12 02:17:30 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 F242	2026-01-30 05:44:50 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 05:31:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:31:07.005158 2026] [security2:error] [pid 5483:tid 5483] [client 104.207.63.75:53945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.makaihe.com"] [uri "/.env"] [unique_id "aWsem5Yz-FvZVL5DxmVtegAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:19 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-12-08 10:32:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 05:32:46.922379 2025] [security2:error] [pid 7714:tid 7714] [client 104.207.63.75:20151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "motherlyhomecare.com"] [uri "/.env"] [unique_id "aTapTmUyuzaPBsdqIlLppgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:27:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:27:37.493615 2025] [security2:error] [pid 32205:tid 32205] [client 104.207.63.75:49175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaibeth.com"] [uri "/.git/HEAD"] [unique_id "aTMWCUNo9DGUn--r1MIt8QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2025-11-25 18:34:27 (6 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:47:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:47:42.258433 2025] [security2:error] [pid 23270:tid 23270] [client 104.207.63.75:18001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.busengakko.org"] [uri "/.git/HEAD"] [unique_id "aSU07jik6ixTMRkkP8Y9YwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:16:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:16:06.125846 2025] [security2:error] [pid 26465:tid 26465] [client 104.207.63.75:13149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.notearsweb.com"] [uri "/.git/HEAD"] [unique_id "aSUthovdy19AuJ7b-4geUgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:54:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:54:31.096912 2025] [security2:error] [pid 22868:tid 22868] [client 104.207.63.75:37897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bikinitweets.com"] [uri "/.env"] [unique_id "aSUodwVevioO5mq12BjAYQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:39:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:39:13.051163 2025] [security2:error] [pid 18007:tid 18007] [client 104.207.63.75:59397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lighthouseinvitations.com"] [uri "/.git/HEAD"] [unique_id "aSUW0W73Dy8EjTAU-sPYTAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:01:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.63.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:01:12.629972 2025] [security2:error] [pid 15557:tid 15557] [client 104.207.63.75:47759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.muddybuddypals.com"] [uri "/.env"] [unique_id "aST_2K8rEK2vRqy_tp5OUAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-20 16:56:42 (6 months ago)	Form spam	Web Spam
Anonymous	2025-04-07 13:44:53 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 152.32.250.188

🇧🇷 2a02:4780:66:ec08::1

🇮🇳 193.203.185.243

🇲🇽 187.212.10.12

🇩🇪 176.65.132.119

🇺🇸 104.194.196.255

🇺🇸 104.168.98.195

🇫🇷 95.170.13.251

🇱🇹 81.30.98.49

🇭🇰 223.197.178.95

🇸🇬 212.11.39.176

🇳🇱 176.65.139.254

🇺🇸 165.22.184.185

🇿🇦 147.136.66.49

🇨🇳 121.29.149.64

🇳🇱 104.166.189.182

🇺🇸 104.165.105.180

🇭🇰 103.210.21.178

🇩🇪 85.215.206.227

🇨🇳 49.64.148.121