JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.18

104.207.56.18 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.18

Whois 104.207.56.18

IP Abuse Reports for 104.207.56.18:

This IP address has been reported a total of 86 times from 19 distinct sources. 104.207.56.18 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 ktwrd	2026-02-20 12:45:00 (3 months ago)	Mastodon account creation spam (advertising)	Web Spam
Anonymous	2026-01-05 20:24:37 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-02 21:11:00 (6 months ago)	(mod_security) mod_security (id:210740) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:10:41.788229 2025] [security2:error] [pid 19472:tid 19472] [client 104.207.56.18:38153] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|advancedmotorsports.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "advancedmotorsports.com"] [uri "/contact/album.cgi"] [unique_id "aS9V0cQCcGy6ct1TvsmiHQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2025-11-24 10:40:03 (6 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:52:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:52:03.655993 2025] [security2:error] [pid 29363:tid 29363] [client 104.207.56.18:9967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.newhealthwaysaust.net"] [uri "/.svn/wc.db"] [unique_id "aSQqw2pBIZ8xm_PuRq7joAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:00:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:57.420722 2025] [security2:error] [pid 29412:tid 29412] [client 104.207.56.18:58945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.icro.net"] [uri "/.git/HEAD"] [unique_id "aSPmTYvkyCgwqtdYF--9KwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:15:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:15:00.228574 2025] [security2:error] [pid 10030:tid 10030] [client 104.207.56.18:50285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.belintxon.com"] [uri "/.env"] [unique_id "aSPbxBsa3CHCV-pQ907jEgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2025-11-16 15:31:52 (6 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-11-14 15:05:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 10:05:05.517270 2025] [security2:error] [pid 18808:tid 18808] [client 104.207.56.18:28489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.uppermotradingco.com"] [uri "/.env"] [unique_id "aRdFIe3dIobGC2J9Kbil7QAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-12 12:12:40 (6 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 Rip	2025-11-02 10:33:03 (7 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack
🇫🇷 applemooz	2025-11-01 12:37:50 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-30 14:27:46 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 18:12:05 (7 months ago)		Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-10-07 17:13:55 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.190.200

🇩🇪 194.36.32.204

🇧🇷 45.205.1.245

🇨🇳 27.200.182.251

🇯🇵 8.216.4.57

🇺🇸 2604:a880:400:d1:0:4:8bf8:7001

🇰🇷 211.253.37.225

🇧🇷 170.80.65.140

🇨🇳 122.194.9.228

🇨🇳 117.132.5.139

🇺🇸 54.167.104.28

🇵🇱 31.179.197.26

🇬🇧 195.96.139.156

🇺🇸 161.123.218.106

🇨🇳 111.228.13.226

🇺🇸 107.172.195.99

🇩🇪 49.12.37.149

🇹🇼 211.21.61.245

🇺🇸 174.35.25.177

🇨🇳 111.228.33.97