JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.173

104.207.56.173 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.173

Whois 104.207.56.173

IP Abuse Reports for 104.207.56.173:

This IP address has been reported a total of 128 times from 16 distinct sources. 104.207.56.173 was first reported on June 22nd 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 00:32:13 (3 days ago)	Web App Attack	Web App Attack
🇺🇸 nationaleventpros.com	2026-02-16 16:05:32 (4 months ago)	WordPress login attempt	Brute-Force
🇬🇧 consul.to	2026-02-14 11:22:30 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:33:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:33:12.812692 2025] [security2:error] [pid 17602:tid 17602] [client 104.207.56.173:60295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ironpagoda.com"] [uri "/.svn/wc.db"] [unique_id "aSZm6I7eYS91wvobG40qXwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:15:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:15:52.057981 2025] [security2:error] [pid 3093:tid 3093] [client 104.207.56.173:45867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.firingsquadfilms.com"] [uri "/.env"] [unique_id "aSZUyAwvNrOdy4V2yYgmZQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:42:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:42:46.332850 2025] [security2:error] [pid 21531:tid 21531] [client 104.207.56.173:14457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.givemethemic.com"] [uri "/.git/HEAD"] [unique_id "aSZNBi7DuGHZddAgzpPAVwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:12:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:12:43.754963 2025] [security2:error] [pid 22671:tid 22671] [client 104.207.56.173:58747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.m2oblivion.com"] [uri "/.git/HEAD"] [unique_id "aSZF-9I0tG-K8S8gNRl8ywAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Shadymint	2025-11-24 17:25:57 (6 months ago)	url probing	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:45:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:44:14.909856 2025] [security2:error] [pid 12225:tid 12225] [client 104.207.56.173:38637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.freepatternstocrochet.com"] [uri "/.svn/wc.db"] [unique_id "aSQMzrf1MFq05Sn7CxhxZAAAADU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:47:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:47:51.198593 2025] [security2:error] [pid 26695:tid 26695] [client 104.207.56.173:48011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tarakanov.com"] [uri "/.git/HEAD"] [unique_id "aSPxh6acFNq6AWuN54dwYgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:12:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:12:28.821161 2025] [security2:error] [pid 3965261:tid 3965321] [client 104.207.56.173:51767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ethniclivesmatter.com"] [uri "/.env"] [unique_id "aSPpPB7XGNzpCBYjvUvz5wAAAlY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:43:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:43:02.419337 2025] [security2:error] [pid 16189:tid 16189] [client 104.207.56.173:16735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.poulsoncustomhomes.com"] [uri "/.git/HEAD"] [unique_id "aSPiVpz5RBj-_YOAKpoteAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-06 22:01:14 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 14:27:24 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 14:29:02 (1 year ago)	Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 61.173.113.84

🇸🇨 45.194.67.27

🇳🇱 45.142.193.70

🇬🇧 193.163.125.2

🇸🇬 165.245.176.219

🇦🇪 86.98.80.55

🇮🇩 43.157.224.34

🇧🇷 192.141.106.188

🇸🇬 172.217.44.217

🇭🇰 114.111.54.189

🇭🇰 103.20.223.56

🇹🇼 83.147.13.168

🇺🇸 66.175.211.87

🇺🇸 23.129.64.139

🇬🇧 187.77.183.234

🇺🇸 162.216.149.85

🇮🇳 147.93.30.90

🇹🇼 111.70.29.132

🇩🇪 94.26.106.214

🇫🇷 85.217.140.11