JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.122

104.207.51.122 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.122

Whois 104.207.51.122

IP Abuse Reports for 104.207.51.122:

This IP address has been reported a total of 125 times from 15 distinct sources. 104.207.51.122 was first reported on May 18th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-19 22:27:11 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇫🇷 MatStef132	2026-05-19 21:11:03 (1 month ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:32 (1 month ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-14 22:03:10 (1 month ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (1 month ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?_ga=1777391059951159699 Host: elhacker.net use ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?_ga=1777391059951159699 Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: DE Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-07 14:23:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 09:23:03.295199 2026] [security2:error] [pid 10836:tid 10836] [client 104.207.51.122:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perl-photo.com"] [uri "/.git/HEAD"] [unique_id "aV5sR5qcmsbbfuqf4kowZQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:15:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:15:03.787447 2025] [security2:error] [pid 2566013:tid 2566034] [client 104.207.51.122:26133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeffgolden.com"] [uri "/.git/HEAD"] [unique_id "aVIOV5pwqS-pohtV-2wzFQAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:33:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:33:02.809546 2025] [security2:error] [pid 4764:tid 4764] [client 104.207.51.122:38653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boat-registration-spain.com"] [uri "/.svn/wc.db"] [unique_id "aVH2bgthMXXziXt7faBIQAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:38:52 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:38:42.952263 2025] [security2:error] [pid 28538:tid 28538] [client 104.207.51.122:59633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lonb.org"] [uri "/.env"] [unique_id "aSQnon0dmq07x3Q5VNzUVAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:19:58 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:19:49.879994 2025] [security2:error] [pid 5103:tid 5151] [client 104.207.51.122:33507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gochemless.com"] [uri "/.env"] [unique_id "aSQHFVz8f4PiRLoPAIHAYgAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:00:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:59:34.598691 2025] [security2:error] [pid 24100:tid 24100] [client 104.207.51.122:28541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whmlradio.jazziientertainment.com"] [uri "/.git/HEAD"] [unique_id "aSP0Rg4iRNXvitVsA0BVKgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:32.431494 2025] [security2:error] [pid 16933:tid 16933] [client 104.207.51.122:16833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.psicologos-omega.com"] [uri "/.git/HEAD"] [unique_id "aSPbbN1CLn3bjqwC3oGx6AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-11-01 08:58:47 (7 months ago)	104.207.51.122 - - [01/Nov/2025:02:58:47 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5 ... show more 104.207.51.122 - - [01/Nov/2025:02:58:47 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" ... show less	Brute-Force

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 69.5.169.157

🇸🇬 43.128.113.103

🇹🇷 2a00:1d34:6449:e200:994d:bf0:5843:4c84

🇧🇷 201.16.238.49

🇧🇷 187.111.1.231

🇫🇷 172.71.134.124

🇮🇳 103.252.168.4

🇳🇱 45.156.87.166

🇮🇳 13.127.98.209

🇨🇳 221.229.218.50

🇰🇿 212.154.234.9

🇬🇧 195.96.139.117

🇧🇷 177.85.247.230

🇳🇱 176.65.139.253

🇫🇮 147.185.133.74

🇨🇳 120.7.68.121

🇵🇰 111.92.145.34

🇹🇼 59.127.68.250

🇮🇳 27.97.96.59

🇺🇸 20.169.105.51