JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.135

104.207.56.135 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.135

Whois 104.207.56.135

IP Abuse Reports for 104.207.56.135:

This IP address has been reported a total of 123 times from 16 distinct sources. 104.207.56.135 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-13 13:20:45 (1 day ago)	Web vulnerability probing: /wp-json/wp/v2/users (bogus vhost/SNI)	Web App Attack
🇮🇹 VHosting	2026-03-12 16:56:00 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇪🇸 librebit	2026-03-12 07:54:35 (3 months ago)	Brute force	Brute-Force
Anonymous	2026-01-05 20:13:48 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:08 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 12:05:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:05:14.484972 2025] [security2:error] [pid 23277:tid 23277] [client 104.207.56.135:18661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ajvaage.com"] [uri "/.svn/wc.db"] [unique_id "aSbs-tTNmRcB4Ra-DT1KFwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:02:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:02:34.446849 2025] [security2:error] [pid 15295:tid 15295] [client 104.207.56.135:59229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kendylcelina.com"] [uri "/.git/HEAD"] [unique_id "aSbCKi6tvAU2BeYMHJf2tgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:04:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:04:42.286635 2025] [security2:error] [pid 2454508:tid 2454508] [client 104.207.56.135:29925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.meomy.us"] [uri "/.svn/wc.db"] [unique_id "aSaYejaG2RPimix8vPF_GwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:18:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:18:24.380467 2025] [security2:error] [pid 5361:tid 5387] [client 104.207.56.135:9739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kandooo.com"] [uri "/.svn/wc.db"] [unique_id "aSZVYA6mFNQyT6yLV4L0yAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:02:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:02:14.088502 2025] [security2:error] [pid 7384:tid 7384] [client 104.207.56.135:27101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.tand.es"] [uri "/.git/HEAD"] [unique_id "aSZRlpQXeboJQ43RAkYn8gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Ocean Ascents	2025-11-25 23:19:39 (6 months ago)	Probe for vulnerabilities. Path attempted: /.env	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:27:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:27:02.348783 2025] [security2:error] [pid 585:tid 585] [client 104.207.56.135:39943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "communityofthecosmos.org"] [uri "/.git/HEAD"] [unique_id "aSUF5q1A2XY_xgARagzsHgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 11:52:44 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:40:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:40:24.273255 2025] [security2:error] [pid 20849:tid 20849] [client 104.207.56.135:53493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pawlewicz.org"] [uri "/.git/HEAD"] [unique_id "aSQZ-MlB3LBGM-g5enALIwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:26:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:26:05.704229 2025] [security2:error] [pid 25347:tid 25347] [client 104.207.56.135:31669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.briancastle.com"] [uri "/.git/HEAD"] [unique_id "aSP6fT9rWhYwYAxDx7o_sAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 195.158.16.60

🇻🇳 160.30.160.193

🇰🇼 62.150.84.6

🇫🇷 51.68.236.64

🇩🇪 46.4.114.55

🇳🇱 43.250.54.196

🇬🇧 31.14.254.115

🇨🇳 223.151.252.13

🇲🇽 200.77.198.126

🇧🇬 193.24.211.107

🇮🇷 185.231.181.16

🇨🇳 114.80.9.244

🇮🇹 93.70.85.142

🇸🇬 43.98.204.117

🇧🇪 34.156.165.205

🇵🇱 34.118.34.102

🇬🇧 31.77.156.62

🇺🇸 20.65.194.87

🇬🇧 198.244.242.178

🇲🇽 187.194.142.89