JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.14

104.207.56.14 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.14

Whois 104.207.56.14

IP Abuse Reports for 104.207.56.14:

This IP address has been reported a total of 74 times from 18 distinct sources. 104.207.56.14 was first reported on June 6th 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 03:38:50 (7 hours ago)	dot file probe	Web App Attack
🇫🇷 masterguru	2026-06-02 11:56:45 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.56.14 (DE/Germany/-): 1 in th ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.56.14 (DE/Germany/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 homeshowdomain.nl	2026-02-19 22:59:32 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-19	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-02-19 03:56:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:06.053546 2026] [security2:error] [pid 28455:tid 28455] [client 104.207.56.14:43447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnerakhareedu.com"] [uri "/backend/.env"] [unique_id "aZaJ1q4eKdlV4NDuhDU9sgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:01:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:01:40.876250 2026] [security2:error] [pid 28459:tid 28459] [client 104.207.56.14:50087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedimoore.click"] [uri "/new/.git/config"] [unique_id "aZZ9FOWe8f6ECXLfeb6n5wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-02-19 02:11:23 (3 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-19 02:10:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:10:46.745420 2026] [security2:error] [pid 2744921:tid 2744921] [client 104.207.56.14:58453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiekate.com"] [uri "/admin/.env"] [unique_id "aZZxJtmOFfDlWgXTFNEkPQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:29:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:29:11.728066 2026] [security2:error] [pid 14122:tid 14174] [client 104.207.56.14:41575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/api/.env"] [unique_id "aZZnZ2X74uMzOTtiFzUYEwAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2026-02-18 23:50:11 (3 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2026-02-18 22:33:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 17:32:57.941117 2026] [security2:error] [pid 22646:tid 22646] [client 104.207.56.14:22283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "utd.net"] [uri "/admin/.env"] [unique_id "aZY-GZ9IYe8CFujsLyDLzQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-18 21:18:15 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 mnsf	2026-02-18 20:06:45 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:04:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:04:46.144856 2026] [security2:error] [pid 1676702:tid 1676702] [client 104.207.56.14:58113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tracklocross.com"] [uri "/.git/config"] [unique_id "aZYbXnLsX9wCfGdsgDfvzwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:30:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:30:03.841141 2026] [security2:error] [pid 9342:tid 9342] [client 104.207.56.14:61419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevillageartcenter.com"] [uri "/.env"] [unique_id "aZYFK6ZWfaGm15D8QEgPsAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:59:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:59:33.256386 2026] [security2:error] [pid 4717:tid 4733] [client 104.207.56.14:26071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wassell.org"] [uri "/admin/.env"] [unique_id "aZWppffZJorvt0B651D3uAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 172.253.231.214

🇧🇬 45.88.138.44

🇸🇬 8.222.244.154

🇺🇸 2607:f8b0:4001:c0a::124

🇰🇷 220.121.38.45

🇺🇸 173.255.243.63

🇮🇳 168.220.237.171

🇹🇬 156.38.73.89

🇫🇮 147.185.133.102

🇨🇳 118.212.121.47

🇺🇸 66.132.186.189

🇪🇬 45.241.59.4

🇩🇪 43.228.157.10

🇺🇸 20.106.182.208

🇨🇳 8.138.204.154

🇹🇼 198.235.24.81

🇫🇮 178.20.210.151

🇺🇸 173.255.225.15

🇺🇸 172.234.218.22

🇭🇰 103.230.240.59