JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.51.9

104.207.51.9 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.51.9

Whois 104.207.51.9

IP Abuse Reports for 104.207.51.9:

This IP address has been reported a total of 89 times from 19 distinct sources. 104.207.51.9 was first reported on June 4th 2024, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:48:33 (6 hours ago)	Web App Attack	Web App Attack
🇳🇱 Site.eu	2026-05-07 14:42:48 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇧🇪 cmbplf	2026-05-07 06:37:44 (1 month ago)	516 requests with url.path *.env	Brute-Force Bad Web Bot
🇩🇪 MBombeck	2026-05-06 00:37:36 (1 month ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇳🇱 Site.eu	2026-05-06 00:06:49 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 paissangroup	2026-02-13 08:17:55 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:29:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:29:43.259697 2026] [security2:error] [pid 23057:tid 23057] [client 104.207.51.9:21127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krakenseattle.org"] [uri "/.git/config"] [unique_id "aY7E17NBNyUZLtEJVZAMxgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:48:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:48:26.061811 2026] [security2:error] [pid 29305:tid 29305] [client 104.207.51.9:61669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kim-porter.com"] [uri "/.env.save"] [unique_id "aY6fCnpouj1IfLIBpytXnAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:25:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:25:17.303984 2026] [security2:error] [pid 6596:tid 6596] [client 104.207.51.9:21091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kellermoving.com"] [uri "/frontend/.env"] [unique_id "aY6LjVBQghcnoOztNvafTwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:25:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:25:21.477842 2026] [security2:error] [pid 2934:tid 2934] [client 104.207.51.9:9155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karyaenigma.com"] [uri "/api/.env"] [unique_id "aY59gVs0wZMJ1sUrhgVGsAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 22:53:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 17:53:24.899598 2026] [security2:error] [pid 2053736:tid 2053736] [client 104.207.51.9:31135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adelaidapacific.com"] [uri "/.git/config"] [unique_id "aY5Z5NnAMmGomuKAlB5J6QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 21:06:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 16:06:51.574531 2026] [security2:error] [pid 10620:tid 10639] [client 104.207.51.9:48783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "btoelsalvador.com"] [uri "/.env"] [unique_id "aY5A6w5L8XVhr8ldDXlytwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:52:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:52:45.870514 2026] [security2:error] [pid 1484577:tid 1484577] [client 104.207.51.9:49715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "body-tone.com"] [uri "/.env"] [unique_id "aY4TbUFvKnytY_IX-GpPkAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-12 17:09:45 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:07:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.51.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:07:17.265419 2026] [security2:error] [pid 24433:tid 24433] [client 104.207.51.9:34151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkan.us"] [uri "/.env"] [unique_id "aY4IxcmltqaaOkq-5iy-NgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 203.55.131.3

🇬🇧 78.153.140.39

🇬🇧 2a06:4880:c000::df

🇬🇧 2a06:4880:6000::89

🇩🇪 212.132.105.176

🇨🇳 123.160.172.123

🇬🇧 35.203.210.237

🇺🇸 162.216.149.23

🇨🇳 120.193.9.169

🇨🇳 111.26.6.111

🇺🇸 104.165.198.25

🇩🇪 91.92.240.64

🇺🇸 86.107.55.234

🇳🇱 45.148.10.151

🇺🇸 13.219.1.233

🇬🇧 195.96.139.146

🇲🇽 187.191.48.23

🇨🇳 111.4.78.74

🇨🇳 106.75.154.218

🇺🇸 104.22.22.39