JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.211

104.207.56.211 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.211

Whois 104.207.56.211

IP Abuse Reports for 104.207.56.211:

This IP address has been reported a total of 133 times from 10 distinct sources. 104.207.56.211 was first reported on June 11th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-05 20:33:37 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 COMPLEX	2025-12-14 23:07:46 (6 months ago)	Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 20:07:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:07:23.055380 2025] [security2:error] [pid 8725:tid 8725] [client 104.207.56.211:29321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtworm.com"] [uri "/.git/HEAD"] [unique_id "aS9G-9lwPVvsUSRUn51M6wAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:58:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:58:52.386186 2025] [security2:error] [pid 32132:tid 32132] [client 104.207.56.211:36213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bowerwood.com"] [uri "/.git/HEAD"] [unique_id "aS6OLA47Z7E2CCvGzjo5_gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:25:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:25:48.741684 2025] [security2:error] [pid 3468:tid 3468] [client 104.207.56.211:55169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dodojuice.com"] [uri "/.git/HEAD"] [unique_id "aS54XNkMApIgr6ktsLH_SwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:02:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:02:44.059116 2025] [security2:error] [pid 21633:tid 21657] [client 104.207.56.211:16505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "property-management-companies-chicago.com"] [uri "/.env"] [unique_id "aS5y9HtqpdoQru--A_BpuwAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 01:16:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 20:16:43.376035 2025] [security2:error] [pid 1733991:tid 1733991] [client 104.207.56.211:54635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edsantos.biz"] [uri "/.git/HEAD"] [unique_id "aS49-86bOIunhzVFomMd8wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-02 00:10:17 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 10:12:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:11:58.614919 2025] [security2:error] [pid 26769:tid 26813] [client 104.207.56.211:15563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.proracersecrets.com"] [uri "/.svn/wc.db"] [unique_id "aSbSbuJX0ieXP0fMKjiBJAAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:59:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:59:02.940726 2025] [security2:error] [pid 16639:tid 16639] [client 104.207.56.211:39219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.persnicketyinc.com"] [uri "/.env"] [unique_id "aSaXJhZN0hcYfLpjNzrpjwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:57:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:57:14.096022 2025] [security2:error] [pid 16249:tid 16249] [client 104.207.56.211:60667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.amazingthailand.net"] [uri "/.svn/wc.db"] [unique_id "aSZsirgJ6JeQjGaOLgmCAgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:37:43 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:56:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:56:09.337828 2025] [security2:error] [pid 18812:tid 18812] [client 104.207.56.211:20771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.43cambridge.com"] [uri "/.env"] [unique_id "aST-qYpYmZxgd7dv796azQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:09:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:08:29.800297 2025] [security2:error] [pid 7836:tid 7836] [client 104.207.56.211:51513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.solbrella.com"] [uri "/.env"] [unique_id "aSQSfYHKAtLZrMCKPWEkSQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:42:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:42:34.588190 2025] [security2:error] [pid 5208:tid 5208] [client 104.207.56.211:15881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pobanz.com"] [uri "/.env"] [unique_id "aSP-WvvrTJKhUp3pZwZzjwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.24

🇮🇳 125.19.154.150

🇸🇬 111.119.222.27

🇪🇨 45.184.226.43

🇩🇪 213.209.159.227

🇩🇪 193.124.20.238

🇳🇴 185.181.60.145

🇭🇰 165.154.41.56

🇺🇸 162.216.150.15

🇭🇰 152.32.212.226

🇬🇧 139.59.170.85

🇺🇸 107.150.105.183

🇬🇧 89.34.96.151

🇳🇱 77.91.71.11

🇳🇱 45.156.87.127

🇳🇱 45.148.10.141

🇺🇸 45.33.94.76

🇰🇪 41.90.136.100

🇿🇦 41.56.128.128

🇻🇳 27.79.41.23