JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.200

104.207.51.200 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.200

Whois 104.207.51.200

IP Abuse Reports for 104.207.51.200:

This IP address has been reported a total of 131 times from 12 distinct sources. 104.207.51.200 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇷 hostseries	2026-01-16 17:34:56 (4 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇩🇪 John Chrys.	2026-01-04 12:51:32 (5 months ago)	104.207.51.200 - - [04/Jan/2026:14:51:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5. ... show more 104.207.51.200 - - [04/Jan/2026:14:51:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0" 104.207.51.200 - - [04/Jan/2026:14:51:31 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 104.207.51.200 - - [04/Jan/2026:14:51:31 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 104.207.51.200 - - [04/Jan/2026:14:51:31 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0" 104.207.51.200 - - [04/Jan/2026:14:51:31 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4083 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Saf ... show less	Brute-Force Web App Attack
🇮🇹 VHosting	2026-01-03 15:45:09 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 01:53:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:53:17.873275 2025] [security2:error] [pid 29788:tid 29801] [client 104.207.51.200:40917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "veralogistica.com"] [uri "/.svn/wc.db"] [unique_id "aTjSjT5ilCiUBsnFDKqKFQAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 18:59:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 13:59:44.592546 2025] [security2:error] [pid 12776:tid 12776] [client 104.207.51.200:17499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slampools.com"] [uri "/.env"] [unique_id "aThxoGCjG6aBy86WZ7QYoQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:52:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:52:32.474595 2025] [security2:error] [pid 9522:tid 9522] [client 104.207.51.200:48977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holland-kadaster-registration.com"] [uri "/.git/HEAD"] [unique_id "aTfxYGdWFBJV8UZq3xbo6AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:14:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:14:25.600478 2025] [security2:error] [pid 12603:tid 12603] [client 104.207.51.200:9541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "calypsodirect.com"] [uri "/.git/HEAD"] [unique_id "aTX8QRkWM3SDsjSkYeKeEQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-07 04:54:52 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 04:37:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 23:37:11.397659 2025] [security2:error] [pid 566:tid 566] [client 104.207.51.200:56319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "etrass.info"] [uri "/.git/HEAD"] [unique_id "aTOy9-vAv7akr7Mf1pPf9gAAADM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 03:32:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:32:03.638083 2025] [security2:error] [pid 9086:tid 9086] [client 104.207.51.200:43191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "praiseworthy.info"] [uri "/.env"] [unique_id "aTOjs4ALcBaYwp3-KBo8_AAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:40:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:40:46.867186 2025] [security2:error] [pid 32604:tid 32604] [client 104.207.51.200:14255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vidalwrightlaw.com"] [uri "/.git/HEAD"] [unique_id "aTJGLsKkLsPhjTuDTLQAygAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:57:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:57:54.897118 2025] [security2:error] [pid 24728:tid 24728] [client 104.207.51.200:27057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slattery-law.com"] [uri "/.svn/wc.db"] [unique_id "aTIuEknUMdIA_ALx666rhgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:46:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:46:30.264994 2025] [security2:error] [pid 18213:tid 18213] [client 104.207.51.200:26935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weirdlovemakers.com"] [uri "/.git/HEAD"] [unique_id "aS9CFhdyvD3bCExciKv_ygAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:11:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:11:11.670246 2025] [security2:error] [pid 21633:tid 21656] [client 104.207.51.200:41211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lzmarketingsolutions.com"] [uri "/.svn/wc.db"] [unique_id "aS5073tqpdoQru--A_BqsgAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.147.125.87

🇧🇷 205.210.31.231

🇧🇪 198.235.24.161

🇮🇩 180.248.49.237

🇺🇸 54.144.94.156

🇳🇱 45.198.224.18

🇺🇦 37.221.133.104

🇺🇸 20.163.34.47

🇺🇸 205.210.31.83

🇺🇸 198.57.179.68

🇺🇸 195.250.29.165

🇺🇸 195.184.76.201

🇧🇷 177.190.77.164

🇳🇱 172.211.56.214

🇮🇳 128.185.228.134

🇮🇳 128.185.220.90

🇮🇳 128.185.218.118

🇺🇸 104.243.35.104

🇭🇰 47.243.207.112

🇹🇷 31.145.131.202