JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.28

104.207.51.28 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.28

Whois 104.207.51.28

IP Abuse Reports for 104.207.51.28:

This IP address has been reported a total of 143 times from 19 distinct sources. 104.207.51.28 was first reported on June 4th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-21 10:32:52 (5 months ago)	Attempted brute force login to web vpn 109 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 109 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:56:00 (5 months ago)	Attempted brute force login to web vpn 145 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 145 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇷🇴 clauss	2025-12-16 19:37:09 (5 months ago)	IP reached maximum auth failures for a one day block	Brute-Force
🇬🇧 openstrike.co.uk	2025-12-10 08:48:35 (5 months ago)	9 packets to port 2083	Port Scan
Anonymous	2025-12-09 16:05:01 (5 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-12-02 20:50:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:50:27.882877 2025] [security2:error] [pid 30068:tid 30068] [client 104.207.51.28:20115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n4fh.com"] [uri "/.env"] [unique_id "aS9RE3ZV06VU1fwPIPq-jAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:06:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:06:22.297000 2025] [security2:error] [pid 8067:tid 8067] [client 104.207.51.28:29635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nexthop.com"] [uri "/.env"] [unique_id "aS9GvsoJAE6_MIyqUmsU-gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:57:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:57:41.376897 2025] [security2:error] [pid 5777:tid 5777] [client 104.207.51.28:17457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pulleasy.com"] [uri "/.svn/wc.db"] [unique_id "aS5_1dyu8TGwmlKJwhXYQwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-01 13:25:22 (6 months ago)	botnet	DDoS Attack
🇪🇸 10dencehispahard SL	2025-11-26 10:22:04 (6 months ago)	Bot scanning for environment files .env	Web Spam Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 21:50:05 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:24:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:24:07.865485 2025] [security2:error] [pid 19584:tid 19584] [client 104.207.51.28:17493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jimwilsongallery.com"] [uri "/.git/HEAD"] [unique_id "aSVLh4betE1H9I7FEiMGmgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:25:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:24:57.543155 2025] [security2:error] [pid 18674:tid 18674] [client 104.207.51.28:38911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.grandvistalabs.com"] [uri "/.env"] [unique_id "aSU9qa22QpkrOWZSv58zqQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:24:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:16.127748 2025] [security2:error] [pid 19601:tid 19601] [client 104.207.51.28:20371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.penninesolutions.com"] [uri "/.svn/wc.db"] [unique_id "aSUvcGcyeT-3wIJA6Lb2pgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:53:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:18.100908 2025] [security2:error] [pid 756205:tid 756205] [client 104.207.51.28:42817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.afscmelocal2794.com"] [uri "/.svn/wc.db"] [unique_id "aSUoLpuROlzwqRb_RkxONwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c1f::128

🇮🇳 182.95.185.158

🇭🇰 123.58.210.86

🇷🇴 80.94.92.186

🇨🇳 14.103.151.86

🇩🇪 5.231.70.13

🇧🇷 187.3.120.64

🇻🇳 113.161.68.205

🇨🇳 101.96.214.179

🇺🇸 75.102.23.159

🇨🇳 60.208.179.183

🇰🇷 58.229.141.26

🇨🇴 181.57.180.34

🇸🇾 109.224.242.229

🇬🇧 195.206.182.217

🇧🇷 189.54.99.156

🇺🇸 185.92.182.129

🇭🇰 123.58.212.28

🇮🇩 103.106.218.249

🇫🇷 91.231.89.226