JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.173

104.207.51.173 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.173

Whois 104.207.51.173

IP Abuse Reports for 104.207.51.173:

This IP address has been reported a total of 135 times from 16 distinct sources. 104.207.51.173 was first reported on June 12th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:03:13 (2 weeks ago)		Bad Web Bot
🇺🇸 ctrlpew	2026-05-19 00:51:07 (3 weeks ago)	WordPress login brute-force botnet targeting ctrlpew.com. Distributed attack cycling IPs every 3 sec ... show more WordPress login brute-force botnet targeting ctrlpew.com. Distributed attack cycling IPs every 3 seconds with UA rotation (Chrome/Safari). Target usernames do not exist. 2026-05-18. show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇷 hostseries	2026-02-23 18:32:07 (3 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:50:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:49:53.012568 2025] [security2:error] [pid 1985780:tid 1985807] [client 104.207.51.173:19187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "expozium.com"] [uri "/.git/HEAD"] [unique_id "aSVRkV5Zk8HeGmNZSaI3qwAAAJg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:17:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:17:12.011368 2025] [security2:error] [pid 22902:tid 22902] [client 104.207.51.173:37279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.madburylibrary.org"] [uri "/.env"] [unique_id "aSVJ6HRuNefFSKRcVStQDQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:56:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:56:52.435401 2025] [security2:error] [pid 32028:tid 32028] [client 104.207.51.173:28543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emiliofatuzzo.com"] [uri "/.svn/wc.db"] [unique_id "aSVFJNsaPyduJIbXW6Vj0QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:09:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:09:15.950513 2025] [security2:error] [pid 22194:tid 22194] [client 104.207.51.173:44719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.regal.com.tr"] [uri "/.git/HEAD"] [unique_id "aSU5-0GQJegBTCgH9K1PDQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:04:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:04:53.628810 2025] [security2:error] [pid 31879:tid 31879] [client 104.207.51.173:10873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.danged.com"] [uri "/.git/HEAD"] [unique_id "aSUq5duwTc7E0cNRidv5igAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:42:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:42:05.373391 2025] [security2:error] [pid 817:tid 817] [client 104.207.51.173:55249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bigkevsperformance.com"] [uri "/.env"] [unique_id "aSUljbtbxvOw7T-QF9CT3wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:10:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:10:15.521921 2025] [security2:error] [pid 29718:tid 29718] [client 104.207.51.173:57063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.den-daas.com"] [uri "/.svn/wc.db"] [unique_id "aSUeFx4_gBqFUid8ccsP5wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:35:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:35:21.014663 2025] [security2:error] [pid 23618:tid 23618] [client 104.207.51.173:41283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sanvayu.com"] [uri "/.svn/wc.db"] [unique_id "aSUV6UofFTfaWjN6k8COLQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:04:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:03:58.475031 2025] [security2:error] [pid 960:tid 960] [client 104.207.51.173:11865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creekside.biz"] [uri "/.env"] [unique_id "aSUOjoHCtcLmwQvgoBuDKgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-31 07:01:20 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.51.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 31 03:01:14.307046 2025] [security2:error] [pid 13751:tid 13751] [client 104.207.51.173:53493] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bgellis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bgellis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQReugtCOx9Lb0IirL0pMgAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-04-07 21:00:50 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE ASN: 200373 (DREI ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Timestamp: 2025-04-07T19:42:05Z UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.233

🇫🇷 86.217.21.47

🇩🇪 69.5.169.216

🇺🇸 192.3.60.121

🇵🇱 185.119.148.149

🇳🇱 172.217.96.17

🇺🇸 162.216.150.226

🇫🇷 85.217.140.13

🇷🇴 2.57.121.25

🇺🇸 205.210.31.72

🇳🇱 204.76.203.51

🇮🇳 182.95.48.122

🇷🇺 151.0.18.78

🇺🇸 66.132.172.238

🇳🇱 45.148.10.183

🇮🇳 2401:4900:8f81:3aa9:1924:901d:fd36:1a6e

🇺🇸 162.216.150.212

🇺🇸 136.109.198.118

🇳🇱 93.123.109.114

🇫🇷 91.231.89.217