JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.18

104.207.51.18 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.18

Whois 104.207.51.18

IP Abuse Reports for 104.207.51.18:

This IP address has been reported a total of 88 times from 25 distinct sources. 104.207.51.18 was first reported on June 13th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 02:50:27 (5 days ago)	Web App Attack	Web App Attack
🇬🇧 PeravixGroup	2026-06-09 21:17:15 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 oncord	2026-06-04 22:15:19 (2 weeks ago)	Form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇷 hostseries	2026-02-23 18:32:36 (3 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 12:18:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:18:10.500507 2026] [security2:error] [pid 23517:tid 23517] [client 104.207.51.18:46707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualityms.tech"] [uri "/admin/.git/config"] [unique_id "aZG5gqEeEUxRqkhsbFtFjAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:03:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:02:54.234080 2026] [security2:error] [pid 1883750:tid 1883750] [client 104.207.51.18:44095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panacean.us"] [uri "/wp/.git/config"] [unique_id "aZG17t42jFlp7SCrB48FfwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:08:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:08:09.720554 2026] [security2:error] [pid 26893:tid 26893] [client 104.207.51.18:43729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oualierealty.com"] [uri "/admin/.env"] [unique_id "aZGpGeIrgV6YfwavBdcJYwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:10:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:10:15.991363 2026] [security2:error] [pid 31160:tid 31160] [client 104.207.51.18:20197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ptfea.org"] [uri "/wp/.git/config"] [unique_id "aZFxV3anD94iOcMyr09B4QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 XICTRON	2026-02-15 06:45:06 (4 months ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:18:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:18:02.402627 2026] [security2:error] [pid 22763:tid 22763] [client 104.207.51.18:23195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "promoadvocate.com"] [uri "/dev/.git/config"] [unique_id "aZFlGof9AGaiC9SZfTK64AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:52:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:52:31.190841 2026] [security2:error] [pid 870605:tid 870605] [client 104.207.51.18:12063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omahareact.org"] [uri "/config/.env"] [unique_id "aZFfH9pXgG7ONZ87VGcA7wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-02-15 05:50:54 (4 months ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-02-15 05:18:25 (4 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-15 05:05:22 (4 months ago)	Blocking for trying to access an exploit file: /v2/.git/config	Hacking

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.204.230.91

🇺🇸 130.185.239.222

🇩🇪 107.150.117.167

🇱🇻 81.30.98.49

🇩🇪 62.133.60.87

🇳🇱 45.148.10.141

🇹🇷 149.86.144.39

🇳🇱 80.82.77.33

🇺🇸 52.180.144.125

🇱🇹 45.227.254.170

🇺🇸 35.196.236.250

🇺🇸 205.210.31.48

🇩🇪 185.209.196.152

🇯🇴 176.28.136.57

🇬🇧 172.70.58.110

🇺🇸 154.83.197.94

🇨🇳 115.56.238.174

🇷🇴 80.94.92.186

🇳🇱 77.164.176.145

🇺🇸 64.62.156.142