JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.242

104.207.56.242 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.242

Whois 104.207.56.242

IP Abuse Reports for 104.207.56.242:

This IP address has been reported a total of 137 times from 15 distinct sources. 104.207.56.242 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-06 01:02:43 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.242 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.242 (DE/Germany/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-27 22:21:22 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.242 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.56.242 (DE/Germany/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 mnsf	2026-03-27 01:06:04 (2 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-13 00:01:20 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-03-01 16:14:05 (3 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-02-22 19:59:24 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 14:59:21.235344 2026] [security2:error] [pid 8456:tid 8456] [client 104.207.56.242:56315] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|surveyiowa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "surveyiowa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZtgGX3RseKT3xyEBqqdbwAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:24:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:24:04.367386 2025] [security2:error] [pid 26771:tid 26886] [client 104.207.56.242:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.raytbrown.com"] [uri "/.git/HEAD"] [unique_id "aSbVRFRqYPjEDktSOg7W7QAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:51:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:51:50.047415 2025] [security2:error] [pid 30592:tid 30592] [client 104.207.56.242:29827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.buttonedup.com"] [uri "/.svn/wc.db"] [unique_id "aSaHZhaSV5MqZm85RRhRUAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:52:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:52:34.787050 2025] [security2:error] [pid 28371:tid 28371] [client 104.207.56.242:52129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.qu1ck.com"] [uri "/.git/HEAD"] [unique_id "aSZrcnQWyGFaipTaShvp1QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:02:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:02:33.053469 2025] [security2:error] [pid 17022:tid 17039] [client 104.207.56.242:17635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jean-paullederer.com"] [uri "/.svn/wc.db"] [unique_id "aSTyGWe42NY3FNbGoYBYUAAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:55:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:55:33.035854 2025] [security2:error] [pid 20613:tid 20613] [client 104.207.56.242:46927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.calvetparis.com"] [uri "/.svn/wc.db"] [unique_id "aSQrlZ3LNEo3HusgDcuvIwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:30:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:30:42.488868 2025] [security2:error] [pid 27153:tid 27153] [client 104.207.56.242:28331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pattymoorearmstrong.com"] [uri "/.env"] [unique_id "aSQXsjV4hpH_THcBk3wWZgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:29:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:08.600488 2025] [security2:error] [pid 30252:tid 30252] [client 104.207.56.242:25819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.securitymontana.com"] [uri "/.svn/wc.db"] [unique_id "aSP7NOsa-UgOg746f2qGAwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:44:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:44:17.454902 2025] [security2:error] [pid 11134:tid 11134] [client 104.207.56.242:11661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ageiron.com"] [uri "/.svn/wc.db"] [unique_id "aSPwsSoJ7viqp8vuVGprbQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 203.198.173.137

🇭🇰 152.32.239.90

🇦🇷 149.22.83.50

🇧🇷 129.121.50.245

🇳🇱 45.156.87.147

🇺🇸 13.89.121.92

🇳🇱 194.147.115.36

🇺🇸 192.3.250.115

🇧🇷 187.109.174.69

🇮🇳 182.95.185.166

🇨🇳 180.184.141.117

🇷🇺 178.178.222.58

🇳🇱 176.65.139.151

🇸🇬 161.118.218.103

🇺🇸 151.240.67.127

🇵🇰 110.93.224.226

🇿🇦 105.225.183.195

🇧🇩 103.183.62.2

🇲🇾 103.169.91.47

🇨🇳 101.96.233.202