JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.217

104.207.56.217 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.217

Whois 104.207.56.217

IP Abuse Reports for 104.207.56.217:

This IP address has been reported a total of 139 times from 22 distinct sources. 104.207.56.217 was first reported on June 20th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-01 18:13:25 (2 weeks ago)	104.207.56.217 - - [01/Jun/2026:20:13:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 104.207.56.217 - - [01/Jun/2026:20:13:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-06-01 11:29:34 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.56.217 (DE/Germany/-): (CF_ENABLE)	Hacking
🇩🇪 georgengelmann	2026-05-30 11:25:02 (2 weeks ago)	Failed login attempt for root	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-05-29 18:46:03 (2 weeks ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇩🇪 FeG Deutschland	2026-05-29 13:44:46 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 koinkash.org	2026-05-28 03:40:05 (2 weeks ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
Anonymous	2026-05-26 14:18:53 (3 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=epemyjournal.com; logs=/var/log/httpd/domains/epemyjou ... show more [server.tmg.gr] httpd-login-spray-site: sites=epemyjournal.com; logs=/var/log/httpd/domains/epemyjournal.com.log; samples=site_wide=true \| distinct_ips=29 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 pm33	2026-05-25 22:30:03 (3 weeks ago)	Wordpress login attempts	Brute-Force
🇱🇻 garmtech.com	2026-03-03 23:15:25 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-03-02 11:15:42 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-01-05 20:16:17 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 23:06:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:06:14.851079 2025] [security2:error] [pid 6088:tid 6088] [client 104.207.56.217:19749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yubagals.com"] [uri "/.git/HEAD"] [unique_id "aVBmZj96KSf86Ind8r7rJQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:58:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:58:42.566401 2025] [security2:error] [pid 2626:tid 2626] [client 104.207.56.217:55615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bisbyphotography.com"] [uri "/.git/HEAD"] [unique_id "aVBWklJQ8eQs92i5CDPgWgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:07:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:07:04.335916 2025] [security2:error] [pid 3453:tid 3470] [client 104.207.56.217:51049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hoffmanandassoc.com"] [uri "/.git/HEAD"] [unique_id "aVBKeLiLsSNnFpNlfosnvQAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:42:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:42:33.392371 2025] [security2:error] [pid 28174:tid 28174] [client 104.207.56.217:34305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tekbit.com"] [uri "/.git/HEAD"] [unique_id "aVAMeZDRTxjSKKt1c1mibwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2403:a080:84e:2804:28ab:1def:9954:2192

🇺🇸 216.244.66.243

🇩🇪 213.209.159.56

🇲🇽 187.251.123.104

🇨🇳 183.233.145.75

🇺🇸 143.198.231.39

🇺🇸 135.237.126.200

🇱🇹 81.30.98.62

🇺🇸 66.235.175.48

🇺🇸 44.55.106.80

🇷🇺 213.33.204.130

🇺🇸 209.222.101.194

🇩🇪 103.241.51.126

🇺🇸 20.65.194.102

🇰🇿 2.135.1.129

🇰🇷 211.223.107.86

🇨🇳 180.76.61.232

🇨🇳 175.30.82.204

🇸🇬 103.189.234.96

🇺🇸 66.132.172.249