JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.170

104.207.51.170 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.170

Whois 104.207.51.170

IP Abuse Reports for 104.207.51.170:

This IP address has been reported a total of 132 times from 17 distinct sources. 104.207.51.170 was first reported on June 8th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-13 12:18:04 (2 days ago)	Wordfence waf block on jestrellafoundation	Web App Attack
Anonymous	2026-06-13 08:22:53 (2 days ago)	[server.tmg.gr] httpd-login-spray-site: sites=hacm.gr; logs=/var/log/httpd/domains/hacm.gr.log; samp ... show more [server.tmg.gr] httpd-login-spray-site: sites=hacm.gr; logs=/var/log/httpd/domains/hacm.gr.log; samples=site_wide=true \| distinct_ips=20 \| /wp-login.php show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-12 15:36:44 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.51.170: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.51.170: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:36:40.020313 2026] [security2:error] [pid 351316:tid 351391] [client 104.207.51.170:9243] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwniLq30_W11Oxn5fZu-QAAAEI"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇩🇪 FeG Deutschland	2026-06-09 19:17:44 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇸🇮 administrator	2026-06-02 22:15:07 (1 week ago)	2026-06-02 00:06:56,413 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.51.170 2 ... show more 2026-06-02 00:06:56,413 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.51.170 2026-06-02 00:06:56,413 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.51.170 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇸🇮 administrator	2026-05-04 16:24:18 (1 month ago)	2026-04-11 09:16:38,099 fail2ban.actions [530353]: NOTICE [ninjafirewall] Ban 104.207.51.170 ... show more 2026-04-11 09:16:38,099 fail2ban.actions [530353]: NOTICE [ninjafirewall] Ban 104.207.51.170 2026-04-12 00:30:03,333 fail2ban.actions [1294183]: NOTICE [ninjafirewall] Ban 104.207.51.170 2026-04-16 07:23:16,127 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.51.170 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇦🇺 MAGIC	2026-04-20 03:16:25 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 LRob.fr	2026-04-12 11:45:06 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-05 03:04:28 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-04.104.207.51.170.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-04.104.207.51.170.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇬🇧 relianoid.com	2026-01-26 16:38:05 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇳🇱 jjnxpct	2025-11-26 04:56:06 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/HEAD (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/HEAD] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:26:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:26:25.404031 2025] [security2:error] [pid 16758:tid 16758] [client 104.207.51.170:53041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.eastbrooktech.com"] [uri "/.env"] [unique_id "aSVMEfQmPHdH9ZO2ALHpKgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:46:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:46:13.797774 2025] [security2:error] [pid 2863:tid 2863] [client 104.207.51.170:13807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.adj-tech.net"] [uri "/.git/HEAD"] [unique_id "aSU0ldO_cND8J-d10UlVwQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:15:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:15:43.697788 2025] [security2:error] [pid 20619:tid 20619] [client 104.207.51.170:47629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.marjorierosenberg.com"] [uri "/.env"] [unique_id "aSUtb4fMzNfNrJEDddzqcwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 141.11.250.239

🇸🇬 101.47.158.56

🇨🇦 85.217.149.29

🇱🇹 77.90.185.67

🇮🇪 4.210.91.174

🇮🇳 3.108.60.145

🇰🇷 210.218.173.236

🇪🇬 196.202.110.24

🇬🇧 188.240.59.41

🇨🇳 183.6.118.248

🇳🇱 178.16.54.22

🇳🇱 176.65.139.246

🇺🇸 147.182.241.81

🇧🇬 91.92.40.97

🇸🇬 85.137.51.115

🇪🇬 41.128.181.199

🇻🇳 14.255.114.54

🇬🇧 185.200.118.46

🇯🇵 160.251.182.78

🇨🇳 123.144.23.70