JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.168

104.207.51.168 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 55%: ?

55%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.168

Whois 104.207.51.168

IP Abuse Reports for 104.207.51.168:

This IP address has been reported a total of 156 times from 28 distinct sources. 104.207.51.168 was first reported on June 14th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 koinkash.org	2026-06-25 17:42:30 (3 hours ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇬🇧 spamverify.com	2026-06-22 16:05:22 (3 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
Anonymous	2026-06-22 01:58:16 (3 days ago)	[ns65.kdns.gr] httpd-login-spray-site: sites=villafleria.gr; logs=/var/log/httpd/domains/villafleria ... show more [ns65.kdns.gr] httpd-login-spray-site: sites=villafleria.gr; logs=/var/log/httpd/domains/villafleria.gr.log; samples=site_wide=true \| distinct_ips=12 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 nyt	2026-06-17 19:08:52 (1 week ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-17 02:40:09 (1 week ago)	(y4) Failed scan -byebye- from 104.207.51.168 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇩🇪 F242	2026-06-14 19:08:54 (1 week ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇫🇷 Hippoline	2026-06-14 17:05:03 (1 week ago)	Jun 14 19:05:02 local wp(XXXX-A)[22716]: Authentication attempt for unknown user admin from ::ffff:1 ... show more Jun 14 19:05:02 local wp(XXXX-A)[22716]: Authentication attempt for unknown user admin from ::ffff:104.207.51.168 ... show less	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-13 10:11:13 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.51.168: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.51.168: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 13:11:13.246344 2026] [security2:error] [pid 705245:tid 705413] [client 104.207.51.168:47777] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0swQxs6RPthBTSH2k-mAAAAI0"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-13 09:54:21 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.51.168: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.51.168: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 12:54:20.869307 2026] [security2:error] [pid 705293:tid 705485] [client 104.207.51.168:34189] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0ozHxsrtCDMa-O0cItqAAAAQk"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
Anonymous	2026-06-12 11:17:22 (1 week ago)	[ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr. ... show more [ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr.log; samples=site_wide=true \| distinct_ips=13 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 05:48:34 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 dtorrer	2026-06-11 18:09:34 (2 weeks ago)	Brute-force general attack.	Brute-Force
🇲🇽 octageeks.com	2026-06-11 04:23:16 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 ELYAZ	2026-06-10 06:13:20 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.51.168 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇺🇸 Victor López	2026-05-06 04:30:25 (1 month ago)	104.207.51.168 - - [05/May/2026:23:30:24 -0500] "GET /.env.bak HTTP/2.0" 403 146 "-" "curl/8.7.1" 10 ... show more 104.207.51.168 - - [05/May/2026:23:30:24 -0500] "GET /.env.bak HTTP/2.0" 403 146 "-" "curl/8.7.1" 104.207.51.168 - - [05/May/2026:23:30:24 -0500] "GET /.env HTTP/2.0" 403 146 "-" "curl/8.7.1" 104.207.51.168 - - [05/May/2026:23:30:24 -0500] "GET /.env.backup HTTP/2.0" 403 146 "-" "curl/8.7.1" ... show less	Hacking Web App Attack

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 195.68.142.21

🇳🇱 185.93.89.9

🇺🇸 152.32.206.74

🇺🇸 8.26.240.98

🇱🇹 185.169.4.161

🇭🇰 152.32.169.155

🇺🇸 144.172.104.203

🇫🇷 91.231.89.158

🇫🇷 91.121.63.97

🇧🇷 20.226.81.217

🇨🇳 14.103.123.167

🇷🇴 2.57.121.25

🇰🇷 220.79.122.158

🇺🇸 208.109.191.140

🇺🇸 199.189.225.167

🇻🇳 152.32.160.252

🇦🇷 45.224.142.133

🇸🇪 185.246.128.171

🇸🇪 171.25.158.47

🇨🇳 125.45.48.186