JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.152

104.207.51.152 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.152

Whois 104.207.51.152

IP Abuse Reports for 104.207.51.152:

This IP address has been reported a total of 137 times from 19 distinct sources. 104.207.51.152 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 Mangelot Hosting	2026-01-10 22:03:44 (4 months ago)	(bad_user_agent) srv102 Bad User-Agent 104.207.51.152 (GB/United Kingdom/-): 10 in the last 3600 sec ... show more (bad_user_agent) srv102 Bad User-Agent 104.207.51.152 (GB/United Kingdom/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-01-05 20:29:16 (4 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇮🇹 LTM	2025-12-29 07:20:02 (5 months ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 myagent.site	2025-12-29 04:56:39 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-29 04:28:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:28:44.719452 2025] [security2:error] [pid 7727:tid 7727] [client 104.207.51.152:10381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eutoc.com"] [uri "/.svn/wc.db"] [unique_id "aVIDfGzBusgOZpAQDzD8jwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 02:21:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 21:21:26.607898 2025] [security2:error] [pid 1023927:tid 1023927] [client 104.207.51.152:13921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theholographicseed.com"] [uri "/.git/HEAD"] [unique_id "aVHlpghQLGgPj-V9xn2NwAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ut-addicted.com	2025-12-29 01:55:25 (5 months ago)	\[Mon Dec 29 02:55:24.449021 2025\] \[:error\] \[pid 14108:tid 140546119022336\] \[client 104.207.51 ... show more \[Mon Dec 29 02:55:24.449021 2025\] \[:error\] \[pid 14108:tid 140546119022336\] \[client 104.207.51.152:36581\] \[client 104.207.51.152\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "www.ut-addicted.com"\] \[uri "/.git/HEAD"\] \[unique_id "aVHfjPP2fVZzfbl6NfDCRQAAAAQ"\] show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 23:57:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 18:56:54.154912 2025] [security2:error] [pid 24694:tid 24724] [client 104.207.51.152:25457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "resort4pets.com"] [uri "/.env"] [unique_id "aVHDxl7wAIExUf0IlBNczAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 18:06:22 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 13:06:12.930522 2025] [security2:error] [pid 5522:tid 5522] [client 104.207.51.152:31701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "actability.com"] [uri "/.env"] [unique_id "aVFxlGMUhX0pOW4kE_F6ywAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 08:09:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 03:09:09.486801 2025] [security2:error] [pid 14472:tid 14472] [client 104.207.51.152:11257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roachranch.com"] [uri "/.svn/wc.db"] [unique_id "aVDlpWZGi3K5h_A3_FEOGgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 07:12:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 02:12:17.626522 2025] [security2:error] [pid 27978:tid 27978] [client 104.207.51.152:51795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whomakestherules.com"] [uri "/.env"] [unique_id "aVDYUU6FoEqnst4AgiyoJwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 06:51:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 01:50:58.403598 2025] [security2:error] [pid 21636:tid 21636] [client 104.207.51.152:59449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modmove.com"] [uri "/.svn/wc.db"] [unique_id "aVDTUp_zfYgvXU6_kyoxtQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 05:07:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 00:07:03.265111 2025] [security2:error] [pid 24201:tid 24205] [client 104.207.51.152:40545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beelineproductions.com"] [uri "/.git/HEAD"] [unique_id "aVC693oLkGsj6Kwes58P-wAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:05:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:05:25.851317 2025] [security2:error] [pid 18013:tid 18013] [client 104.207.51.152:15683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mitchellamazing.com"] [uri "/.env"] [unique_id "aVBYJeGUwRvt021d_soUPQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.180.154.234

🇸🇬 172.253.211.89

🇺🇸 162.216.149.56

🇨🇳 114.138.118.215

🇩🇪 47.245.143.210

🇩🇪 45.131.109.76

🇨🇳 218.28.18.2

🇭🇰 199.45.154.118

🇺🇸 195.184.76.230

🇺🇸 195.184.76.5

🇹🇭 171.4.225.83

🇺🇸 165.154.173.21

🇫🇮 147.185.133.17

🇮🇳 103.132.243.250

🇫🇷 94.176.161.162

🇷🇴 80.94.92.164

🇺🇸 74.48.105.66

🇺🇸 65.49.1.152

🇨🇳 60.166.82.84

🇺🇸 50.62.22.47