JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.251

104.207.58.251 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.251

Whois 104.207.58.251

IP Abuse Reports for 104.207.58.251:

This IP address has been reported a total of 131 times from 19 distinct sources. 104.207.58.251 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:06:09 (2 weeks ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-12 02:46:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:46:09.896859 2026] [security2:error] [pid 1171730:tid 1171730] [client 104.207.58.251:51123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsndetx.com"] [uri "/test/.git/config"] [unique_id "aY0-8X24JutTkWueXyYGRAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:46:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:45:54.313603 2026] [security2:error] [pid 1319:tid 1319] [client 104.207.58.251:33655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinesiologiaenmovimiento.com"] [uri "/frontend/.env"] [unique_id "aYqb4mSLeaWuqtHw-KrmZgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:09:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:09:40.961824 2026] [security2:error] [pid 5379:tid 5379] [client 104.207.58.251:35373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrogenplus.net"] [uri "/admin/.git/config"] [unique_id "aYqTZCfCbD3P6mIrCLZDlwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:55:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:55:39.085191 2026] [security2:error] [pid 1570:tid 1581] [client 104.207.58.251:20363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howiek.com"] [uri "/.env.local"] [unique_id "aYpl63eVpx3S5SN-NSqeKwAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:12:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:12:04.200604 2026] [security2:error] [pid 22607:tid 22607] [client 104.207.58.251:19205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horizonsoundchicago.com"] [uri "/.env.staging"] [unique_id "aYpNpLEe-S6-amMtVdmRWQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 11:55:27 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇦🇺 MAGIC	2025-12-29 03:08:58 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2025-12-07 00:05:57 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-11-26 20:32:22 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
🇩🇪 cloudmax	2025-10-16 20:22:40 (7 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
🇺🇸 TPI-Abuse	2025-04-09 07:22:20 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.58.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 03:22:16.233613 2025] [security2:error] [pid 16879:tid 16879] [client 104.207.58.251:55039] [client 104.207.58.251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|churchtop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchtop.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_YgKF5uu-jA39VSDjUsGAAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-06 22:36:27 (1 year ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 04:49:49 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 18:57:43 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 194.5.82.104

🇧🇷 186.194.88.180

🇫🇷 161.97.135.223

🇺🇸 70.175.141.116

🇺🇸 66.132.172.35

🇨🇳 58.47.107.119

🇻🇳 42.118.191.10

🇰🇷 1.234.27.159

🇺🇸 162.216.149.41

🇷🇴 86.124.34.93

🇲🇦 81.192.46.29

🇨🇦 51.161.65.133

🇳🇱 45.148.10.141

🇺🇸 209.85.160.195

🇭🇰 199.45.154.180

🇫🇮 178.20.210.152

🇺🇸 164.92.78.51

🇸🇬 152.42.221.98

🇮🇳 103.146.110.204

🇿🇦 102.129.52.89