JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.88

104.207.51.88 was found in our database!

This IP was reported 118 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.88

Whois 104.207.51.88

IP Abuse Reports for 104.207.51.88:

This IP address has been reported a total of 118 times from 15 distinct sources. 104.207.51.88 was first reported on June 20th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 Anymous	2026-05-20 07:22:36 (3 weeks ago)	GET /.env HTTP/1.1 404 3730 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML	Port Scan Web App Attack
Anonymous	2026-04-29 23:10:02 (1 month ago)	suspicious request in access.log	Web App Attack
🇧🇷 Halux	2026-04-29 05:31:03 (1 month ago)	104.207.51.88 Probing protected path or service	Web App Attack
🇵🇱 sefinek.net	2026-01-13 10:38:06 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:06 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-25 21:18:35 (6 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:09:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:09:37.696210 2025] [security2:error] [pid 16762:tid 16762] [client 104.207.51.88:45001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.susannahtuttle.com"] [uri "/.env"] [unique_id "aSVWMTUbMXxlpzisbOTA3wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:17:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:17:38.087893 2025] [security2:error] [pid 14223:tid 14243] [client 104.207.51.88:40007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.wicca-love-spells.com"] [uri "/.env"] [unique_id "aSVKAojUYazU71qMBH9MNQAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:35:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:35:14.499720 2025] [security2:error] [pid 13072:tid 13072] [client 104.207.51.88:42719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prettygirlstuff.grayhost.net"] [uri "/.git/HEAD"] [unique_id "aSVAEuEEFNRSzPnncHfGggAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:38:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:38:06.758454 2025] [security2:error] [pid 28607:tid 28607] [client 104.207.51.88:38099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.robertgregorybrowne.com"] [uri "/.svn/wc.db"] [unique_id "aSUyrjCgG2G07DMyNZbvLgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:36:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:36:46.906233 2025] [security2:error] [pid 20786:tid 20786] [client 104.207.51.88:11979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.christmaspartynapkins.com"] [uri "/.git/HEAD"] [unique_id "aSUkTsDy-aEs0k5PR8tbnwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:33:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:33:01.719725 2025] [security2:error] [pid 26734:tid 26734] [client 104.207.51.88:31321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knuf.fritsknuf.com"] [uri "/.git/HEAD"] [unique_id "aSUHTWHWCan-rXvH6lb1-AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:21.348747 2025] [security2:error] [pid 27305:tid 27305] [client 104.207.51.88:40943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brainstormer.visionremota.info"] [uri "/.svn/wc.db"] [unique_id "aSUCsWc_QGmsCJdMaZIHpwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:12:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:12:20.064493 2025] [security2:error] [pid 16076:tid 16078] [client 104.207.51.88:35613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.resort4pets.com"] [uri "/.env"] [unique_id "aST0ZI2OAmO1i2wCi7BpIgAAAQA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2025-11-05 10:14:26 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 118 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 203.174.22.246

🇫🇷 185.255.126.55

🇺🇸 172.234.218.245

🇮🇩 103.149.176.34

🇨🇳 45.117.10.134

🇩🇪 34.40.68.103

🇫🇷 13.37.240.169

🇺🇸 205.210.31.36

🇭🇰 165.154.224.19

🇰🇷 110.14.190.221

🇨🇳 14.103.27.130

🇺🇸 8.231.54.50

🇨🇳 119.96.193.72

🇺🇸 107.175.223.25

🇳🇱 45.142.193.9

🇮🇪 18.201.179.117

🇰🇷 13.125.244.81

🇺🇸 2604:a00:12:1664:216:3eff:fe2c:3ad0

🇭🇰 199.45.154.155

🇺🇸 162.216.150.48