JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.111

104.207.51.111 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.111

Whois 104.207.51.111

IP Abuse Reports for 104.207.51.111:

This IP address has been reported a total of 137 times from 15 distinct sources. 104.207.51.111 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-02-20 08:28:13 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:47 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇵🇱 sefinek.net	2025-12-25 06:53:19 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 22:32:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:32:15.910093 2025] [security2:error] [pid 12317:tid 12317] [client 104.207.51.111:41355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "8two7.com"] [uri "/.svn/wc.db"] [unique_id "aS9o7y2kd7PZHlfz23YIFwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:01:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:01:40.543074 2025] [security2:error] [pid 17794:tid 17794] [client 104.207.51.111:32753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mmaccaux.com"] [uri "/.git/HEAD"] [unique_id "aS9hxJ0xWeVPHc5ZELeSegAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:55:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:55:31.104856 2025] [security2:error] [pid 11274:tid 11274] [client 104.207.51.111:47913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ocdentist.com"] [uri "/.env"] [unique_id "aS9EMxAtCTeJ-24rBa1V-AAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:20:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:20:01.915521 2025] [security2:error] [pid 11223:tid 11223] [client 104.207.51.111:17579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flymarlin.com"] [uri "/.svn/wc.db"] [unique_id "aS874ZWBwcjIydFOXKjxBQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:28:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:28:17.100072 2025] [security2:error] [pid 5182:tid 5182] [client 104.207.51.111:21237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hwy251.com"] [uri "/.svn/wc.db"] [unique_id "aS8vwShlXBzm8y4H-f_S-wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:01:33.533099 2025] [security2:error] [pid 3629:tid 3629] [client 104.207.51.111:19065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "castagnino.com"] [uri "/.env"] [unique_id "aS6OzaPdmZqQDfXAeBwfXgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:44:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:44:48.788516 2025] [security2:error] [pid 16602:tid 16602] [client 104.207.51.111:40487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bangbi.com"] [uri "/.git/HEAD"] [unique_id "aS5uwDwS17X7S5aDYDGvSgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2025-11-30 04:37:14 (6 months ago)		Web App Attack
🇩🇪 Marc	2025-10-29 19:46:03 (7 months ago)		Brute-Force Web App Attack
Anonymous	2025-10-11 23:18:30 (7 months ago)	2025-10-12T01:18:27.485871 localhost.localdomain sshd[490389]: pam_unix(sshd:auth): authentication f ... show more 2025-10-12T01:18:27.485871 localhost.localdomain sshd[490389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.207.51.111 2025-10-12T01:18:29.831375 localhost.localdomain sshd[490389]: Failed password for invalid user Arkilik from 104.207.51.111 port 56521 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-10-11 01:08:51 (8 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 21:49:43 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 173.239.240.155

🇲🇾 172.197.176.81

🇺🇸 147.185.132.168

🇿🇦 102.129.60.208

🇺🇸 2607:f8b0:4023:1002::122

🇧🇷 205.210.31.210

🇺🇸 74.7.242.37

🇳🇱 45.148.10.151

🇺🇸 20.64.104.92

🇺🇸 209.141.46.48

🇹🇼 198.235.24.57

🇲🇽 187.212.10.12

🇳🇱 176.65.139.224

🇨🇳 117.173.77.121

🇺🇸 20.168.121.239

🇺🇸 205.210.31.57

🇺🇸 162.216.150.24

🇺🇸 146.88.241.105

🇺🇸 143.198.73.73

🇰🇷 112.219.151.50