JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.108

104.207.56.108 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 38%: ?

38%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.108

Whois 104.207.56.108

IP Abuse Reports for 104.207.56.108:

This IP address has been reported a total of 141 times from 21 distinct sources. 104.207.56.108 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-04 04:11:26 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇽 octageeks.com	2026-06-03 04:08:18 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇸🇮 administrator	2026-06-02 22:16:28 (1 week ago)	2026-06-02 00:08:44,625 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.56.108 2 ... show more 2026-06-02 00:08:44,625 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.56.108 2026-06-02 00:08:44,625 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.56.108 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇲🇹 Malta	2026-06-01 07:59:20 (1 week ago)	104.207.56.108 - - [01/Jun/2026:09:59:20 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.56.108 - - [01/Jun/2026:09:59:20 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 spamverify.com	2026-06-01 00:19:25 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇩🇪 F242	2026-05-28 02:39:36 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 Spiderpiggy	2026-05-27 10:15:32 (2 weeks ago)	Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ... show more Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /wp-login.php show less	Brute-Force Bad Web Bot SSH
🇺🇸 lostswordfish.com	2026-05-27 08:30:05 (2 weeks ago)	Wordfence waf block on taussigtravel	Web App Attack
🇸🇮 administrator	2026-05-04 16:41:15 (1 month ago)	2026-04-15 22:59:41,067 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.56.108 2 ... show more 2026-04-15 22:59:41,067 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.56.108 2026-05-04 18:24:29,379 fail2ban.actions [264717]: NOTICE [ninjafirewall] Ban 104.207.56.108 2026-04-15 22:59:41,067 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.56.108 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-03-27 09:29:21 (2 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:00:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:00:00.698418 2026] [security2:error] [pid 23047:tid 23047] [client 104.207.56.108:30843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandplumbing.ca"] [uri "/.env.save"] [unique_id "aZaKwEtrrw8jyCOIVGaS2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:47:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:47:16.460297 2026] [security2:error] [pid 7798:tid 7798] [client 104.207.56.108:41553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterceron.com"] [uri "/api/.git/config"] [unique_id "aZWmxOaG1Ln2aLp69TCcbQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-28 03:36:24 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-36.104.207.56.108.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-36.104.207.56.108.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:19:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:19:07.033026 2025] [security2:error] [pid 6147:tid 6147] [client 104.207.56.108:15051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.amrtactical.com"] [uri "/.env"] [unique_id "aSab2wPIA2zb_8_h64DeDwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.121

🇩🇪 87.139.199.109

🇫🇷 87.98.128.213

🇺🇸 66.228.41.127

🇸🇳 41.208.191.41

🇮🇶 188.64.139.147

🇺🇸 173.255.242.196

🇺🇸 162.216.150.118

🇵🇰 119.30.118.110

🇺🇸 64.62.156.159

🇧🇪 34.156.99.192

🇺🇸 20.221.66.74

🇩🇪 213.209.159.241

🇯🇵 210.156.0.132

🇭🇰 162.211.183.210

🇨🇳 139.170.72.221

🇭🇰 119.246.15.94

🇵🇰 119.152.233.168

🇰🇷 112.175.29.94

🇲🇾 47.250.181.248