JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.197

104.207.56.197 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.197

Whois 104.207.56.197

IP Abuse Reports for 104.207.56.197:

This IP address has been reported a total of 136 times from 17 distinct sources. 104.207.56.197 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-30 06:21:47 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.197 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.197 (DE/Germany/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-24 08:22:01 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 04:57:03 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 23:57:00.297867 2026] [security2:error] [pid 14204:tid 14204] [client 104.207.56.197:11921] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|honer.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "honer.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfpnOHjWgs0PbGaTnZTKQAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 13:38:18 (4 months ago)	Blocking for trying to access an exploit file: /api/.git/config	Hacking
🇳🇱 MM-bot	2026-02-13 13:31:37 (4 months ago)	URL-probe: HTTP/1.1 GET request on /app/.env (2026-02-13 14:31:37 UTC+1)	Hacking Web App Attack
🇺🇸 OceanTreasure	2026-02-13 13:15:49 (4 months ago)	tcp/80; AWS dotfile access attempt: "GET /.aws/credentials" @ 2026-02-13T13:13:15Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:46:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:46:30.755849 2026] [security2:error] [pid 4717:tid 4717] [client 104.207.56.197:47883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medgi.co"] [uri "/backup/.git/config"] [unique_id "aY7IxpoSpeR6JbjuLz_DMAAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:51:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:51:37.539523 2026] [security2:error] [pid 761:tid 761] [client 104.207.56.197:37981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marketask.com"] [uri "/admin/.git/config"] [unique_id "aY6fyQAuf5wvlwnt55hfLAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:18:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:18:22.923820 2026] [security2:error] [pid 19033:tid 19033] [client 104.207.56.197:34429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magicalgirlcrafts.com"] [uri "/v2/.git/config"] [unique_id "aY573qVqd08CeFjSQTttTgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:25:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:25:36.595992 2026] [security2:error] [pid 1064809:tid 1064842] [client 104.207.56.197:44095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deathconfusion.com"] [uri "/.env"] [unique_id "aY4NEL-fzED4SzVk2OPHmgAAAcA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:07:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:07:10.808918 2026] [security2:error] [pid 15825:tid 15825] [client 104.207.56.197:16363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customdesignsbybjp.com"] [uri "/.env"] [unique_id "aY4IvuLy93B85QilzU2IxAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 02:59:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 21:59:29.224119 2026] [security2:error] [pid 17476:tid 17476] [client 104.207.56.197:42993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futuresgrowhere.com"] [uri "/.env.production"] [unique_id "aYvwkVv-hX_ogMrKU2knrQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:13:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:13:46.361955 2025] [security2:error] [pid 29715:tid 29715] [client 104.207.56.197:56029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sb-adventures.com"] [uri "/.svn/wc.db"] [unique_id "aS51itZxJF61BkwwGFOeAgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:38:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:38:31.899748 2025] [security2:error] [pid 29066:tid 29066] [client 104.207.56.197:57315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garthp.com"] [uri "/.svn/wc.db"] [unique_id "aS5tRxrPaE-JbJ61vFf6oAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.98.170.3

🇧🇷 177.85.3.216

🇸🇬 152.42.206.60

🇫🇮 147.185.133.35

🇨🇦 85.217.149.9

🇭🇰 43.132.214.228

🇺🇸 23.94.155.26

🇺🇸 18.246.211.38

🇭🇰 172.68.211.213

🇨🇱 136.248.242.166

🇨🇳 116.179.33.12

🇺🇸 66.132.195.30

🇩🇪 57.144.244.192

🇧🇷 45.229.91.34

🇺🇸 45.156.129.85

🇬🇧 34.142.110.144

🇺🇸 20.64.106.117

🇷🇴 2.57.121.112

🇧🇴 200.105.158.38

🇧🇷 186.194.83.221