JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.171

104.207.56.171 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.171

Whois 104.207.56.171

IP Abuse Reports for 104.207.56.171:

This IP address has been reported a total of 149 times from 27 distinct sources. 104.207.56.171 was first reported on June 6th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-12 00:15:23 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-06-11 05:42:37 (4 days ago)	Known malicious PHP file or CMS probe	Web App Attack
🇨🇳 ThreatBook.io	2026-05-07 01:43:49 (1 month ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.56.171 2 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.56.171 2026-05-06 03:08:56 / 2026-05-06 02:47:31 / 2026-05-06 02:44:56 / 2026-05-06 03:13:47 / 2026-05-06 02:42:16 / show less	Web App Attack
🇫🇷 masterguru	2026-04-06 01:58:09 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-04-02 20:23:04 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-27 10:24:39 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.171 (DE/Germany/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-03-24 08:08:37 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:23 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-24 06:30:15 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇪🇸 10dencehispahard SL	2025-12-10 06:35:41 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-24 09:54:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:53:58.752755 2025] [security2:error] [pid 28663:tid 28663] [client 104.207.56.171:17693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ginaotto.com"] [uri "/.env"] [unique_id "aSQrNrweT_LWOABS4asUjwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:26:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:57.713785 2025] [security2:error] [pid 31107:tid 31107] [client 104.207.56.171:48333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adventiststoday.org"] [uri "/.env"] [unique_id "aSPsZV6Oatrsj9Bjh2oBkwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:35:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:34:52.394981 2025] [security2:error] [pid 25434:tid 25434] [client 104.207.56.171:42691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.binglawoffice.com"] [uri "/.env"] [unique_id "aSPSXAzrOimpfuWLS9YoaAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-11 06:57:43 (8 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 21:46:17 (8 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇺 197.227.8.186

🇳🇱 91.92.40.13

🇺🇸 172.191.157.64

🇰🇷 118.33.113.1

🇨🇳 47.102.154.17

🇨🇳 39.97.110.217

🇸🇪 2.68.10.2

🇮🇩 203.175.125.130

🇵🇪 181.66.89.16

🇺🇸 162.216.150.172

🇺🇸 107.167.34.125

🇳🇱 91.92.40.171

🇲🇾 47.250.55.77

🇳🇱 45.148.10.147

🇨🇩 41.79.235.70

🇺🇸 20.65.193.82

🇺🇸 216.25.89.94

🇧🇴 200.75.160.22

🇮🇳 182.76.71.82

🇺🇸 173.239.240.40