JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.235

104.207.56.235 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.235

Whois 104.207.56.235

IP Abuse Reports for 104.207.56.235:

This IP address has been reported a total of 131 times from 16 distinct sources. 104.207.56.235 was first reported on June 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-06-23 10:14:28 (1 day ago)	(bad_user_agent) srv101 Bad User-Agent 104.207.56.235 (DE/Germany/-): 10 in the last 3600 secs; Port ... show more (bad_user_agent) srv101 Bad User-Agent 104.207.56.235 (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇧🇪 cmbplf	2026-06-12 11:40:56 (1 week ago)	1.815 requests with url.path //xmlrpc.php 1.813 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇩🇪 raph	2026-06-07 20:57:14 (2 weeks ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇺🇸 TheMadBeaker	2026-06-06 16:26:10 (2 weeks ago)	Fail2Ban - HTTP Exploit Attempt	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-05-10 11:17:46 (1 month ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇨🇭 TheCoon	2026-04-21 12:45:02 (2 months ago)	Automated: Infinite bomb download attempt	Web App Attack Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-10 14:00:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 09:00:33.340320 2025] [security2:error] [pid 4960:tid 4960] [client 104.207.56.235:52275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kengarysp.com"] [uri "/.git/HEAD"] [unique_id "aTl9AfiBBHG4hwXWhG3zFgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 10:47:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 05:47:01.906693 2025] [security2:error] [pid 5048:tid 5048] [client 104.207.56.235:40449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adspirowellness.com"] [uri "/.env"] [unique_id "aTlPpXZA4fUpOy9bLRLijAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 04:38:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 23:38:17.467997 2025] [security2:error] [pid 18927:tid 18927] [client 104.207.56.235:18033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gepteszt.com"] [uri "/.git/HEAD"] [unique_id "aTenuS_9cGjmJUbMy19yFQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 04:06:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 23:06:04.326787 2025] [security2:error] [pid 18959:tid 18959] [client 104.207.56.235:14959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tdcparole.com"] [uri "/.svn/wc.db"] [unique_id "aTZOrMCXuO8-lk7wh-Zv-QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:19:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:19:14.436412 2025] [security2:error] [pid 17696:tid 17696] [client 104.207.56.235:37083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asociacioncopan.org"] [uri "/.svn/wc.db"] [unique_id "aTVwwv9RyNWXooSJG4UEAwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 02:46:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:46:19.519296 2025] [security2:error] [pid 17860:tid 17860] [client 104.207.56.235:39941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antiterrorismbooks.info"] [uri "/.svn/wc.db"] [unique_id "aTOY-9mX_fvqXn0fIqvdwgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 00:35:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 19:34:55.160621 2025] [security2:error] [pid 29513:tid 29513] [client 104.207.56.235:28891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cityoffoley.gov"] [uri "/.svn/wc.db"] [unique_id "aTN6LxWdMucfjh_bPdsYowAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:42:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:42:26.259659 2025] [security2:error] [pid 31434:tid 31434] [client 104.207.56.235:36689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kreweofhyatt.com"] [uri "/.svn/wc.db"] [unique_id "aTL9YghkHumItDb3bhPRXQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇧🇷 45.205.1.241

🇬🇧 193.163.125.238

🇲🇽 189.224.61.121

🇮🇳 183.83.197.226

🇫🇷 85.217.140.13

🇷🇺 81.23.182.16

🇩🇪 69.5.169.7

🇨🇴 2803:cd60:5102:103:9999::229

🇺🇸 158.94.187.124

🇭🇰 119.28.49.103

🇳🇱 91.92.40.231

🇳🇱 91.92.40.12

🇳🇱 89.21.67.144

🇨🇦 85.217.149.21

🇬🇧 81.174.248.178

🇺🇸 49.51.183.220

🇳🇱 45.148.10.141

🇧🇪 207.175.78.208

🇳🇱 185.107.80.93