JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.143

104.207.56.143 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.143

Whois 104.207.56.143

IP Abuse Reports for 104.207.56.143:

This IP address has been reported a total of 133 times from 15 distinct sources. 104.207.56.143 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-05 20:26:03 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:38 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-21 17:15:37 (5 months ago)	Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:14:32 (5 months ago)	Attempted brute force login to web vpn 127 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 127 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-01 22:50:47 (6 months ago)	Attempted brute force login to web vpn 925 time(s); last attempt for 2025.12.01 is noted in report t ... show more Attempted brute force login to web vpn 925 time(s); last attempt for 2025.12.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-30 23:53:26 (6 months ago)	Attempted brute force login to web vpn 972 time(s); last attempt for 2025.11.30 is noted in report t ... show more Attempted brute force login to web vpn 972 time(s); last attempt for 2025.11.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-27 23:58:39 (6 months ago)	Attempted brute force login to web vpn 3737 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 3737 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:50:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:04.499693 2025] [security2:error] [pid 27543:tid 27543] [client 104.207.56.143:45585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.riversidecabinswv.com"] [uri "/.svn/wc.db"] [unique_id "aSU1fLonW9TMv1zrCrBwYgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:07:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:07:00.384885 2025] [security2:error] [pid 6374:tid 6374] [client 104.207.56.143:28161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.androglicksman.com"] [uri "/.git/HEAD"] [unique_id "aSUrZBe6KYwIHivg772SzAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:41:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:41:33.767343 2025] [security2:error] [pid 32035:tid 32035] [client 104.207.56.143:35153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rblep.com"] [uri "/.git/HEAD"] [unique_id "aSUlbYkiLyICAi8-M95PjwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:20:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:19:52.026146 2025] [security2:error] [pid 7560:tid 7560] [client 104.207.56.143:55933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.christianbroadcastingleague.com"] [uri "/.env"] [unique_id "aSUgWOq2Pkbl33exw0ouZwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:53:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:53:44.165533 2025] [security2:error] [pid 24250:tid 24250] [client 104.207.56.143:28279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.openheartwellness.com"] [uri "/.env"] [unique_id "aSUMKFBNuxx4uRJqKmUePQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:57:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:57:52.303566 2025] [security2:error] [pid 29064:tid 29064] [client 104.207.56.143:40085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.westoaksurgentcare.com"] [uri "/.svn/wc.db"] [unique_id "aST_EBQESRak-QcYBTjNJQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:26:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:26:18.898086 2025] [security2:error] [pid 29058:tid 29058] [client 104.207.56.143:22813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.solidthought.com"] [uri "/.git/HEAD"] [unique_id "aST3qjxk3u5Z7Ho8L0IZVAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.49

🇹🇼 198.235.24.31

🇨🇳 106.13.183.241

🇮🇩 103.153.190.105

🇷🇺 79.104.11.18

🇷🇸 77.105.37.219

🇫🇷 51.159.149.103

🇧🇷 45.164.180.193

🇨🇳 36.43.235.22

🇹🇷 31.145.131.202

🇺🇸 3.142.170.60

🇺🇸 2001:470:2cc:1::20e

🇺🇸 217.77.4.39

🇳🇱 193.176.31.240

🇧🇷 187.18.254.217

🇩🇪 176.65.132.24

🇨🇳 118.196.106.182

🇫🇷 89.117.50.180

🇫🇷 88.167.55.162

🇩🇪 69.5.169.176