JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.37

104.207.56.37 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.37

Whois 104.207.56.37

IP Abuse Reports for 104.207.56.37:

This IP address has been reported a total of 137 times from 21 distinct sources. 104.207.56.37 was first reported on July 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Swiptly	2026-01-08 15:36:43 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 20:20:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 15:19:59.472781 2026] [security2:error] [pid 8022:tid 8022] [client 104.207.56.37:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hondabvi.com"] [uri "/.git/HEAD"] [unique_id "aV6_71gQ5M2V3GhmYs9RQgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:49:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:49:01.486157 2025] [security2:error] [pid 21759:tid 21759] [client 104.207.56.37:56381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buddysinflatables.com"] [uri "/.env"] [unique_id "aVIWTVhAk6Mt2RcDHbEe_wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:16:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:53.642691 2025] [security2:error] [pid 1845:tid 1845] [client 104.207.56.37:25601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belindalloyd.com"] [uri "/.svn/wc.db"] [unique_id "aVIAtaLhX7Ij2_TiwbopdwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:37:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:37:48.131471 2025] [security2:error] [pid 2474186:tid 2474209] [client 104.207.56.37:60733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iacsb.com"] [uri "/.env"] [unique_id "aVH3jEdzVovvtcCEgL1UdgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 COMPLEX	2025-12-14 23:07:46 (5 months ago)	Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇩🇪 David Ferneding	2025-11-26 22:27:19 (6 months ago)	Blocked by UFW (TCP on 80) Source port: 13129 TTL: 55 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 13129 TTL: 55 Packet length: 60 TOS: 0x00 This report (for 104.207.56.37) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2025-11-26 10:35:42 (6 months ago)	104.207.56.37 - - [26/Nov/2025:11:35:42 +0100] "GET /.svn/wc.db HTTP/1.1" 403 400 "-" "Mozilla/5.0 ( ... show more 104.207.56.37 - - [26/Nov/2025:11:35:42 +0100] "GET /.svn/wc.db HTTP/1.1" 403 400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:16:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:16:28.470888 2025] [security2:error] [pid 6722:tid 6722] [client 104.207.56.37:29403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.turnofthecenturyfinearts.com"] [uri "/.git/HEAD"] [unique_id "aSbFbDRvHRt10gov_yGEuAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:30:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:30:26.565380 2025] [security2:error] [pid 26086:tid 26086] [client 104.207.56.37:45871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.inquisitivequincie.com"] [uri "/.env"] [unique_id "aSVNAhcUxWkh9mjWOzyzaQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 MM-bot	2025-11-25 06:29:22 (6 months ago)	URL-probe: HTTP/1.1 GET request on /.aws/credentials (2025-11-25 07:29:22 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:44:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:44:15.304588 2025] [security2:error] [pid 18889:tid 18889] [client 104.207.56.37:58443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.belmontsprings.ca"] [uri "/.env"] [unique_id "aSVCL51UmUn3ZscpiUnAqAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:18:55.355111 2025] [security2:error] [pid 29550:tid 29550] [client 104.207.56.37:57091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kathiehazlett.com"] [uri "/.git/HEAD"] [unique_id "aSU8P1pIS3GOtCHR6Df9VQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:41:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:41:41.054602 2025] [security2:error] [pid 7092:tid 7092] [client 104.207.56.37:27305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.swampoodlegrounds.com"] [uri "/.svn/wc.db"] [unique_id "aSUzhV-JENlJheQ5mbEfRwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:17:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:17:11.022971 2025] [security2:error] [pid 1817000:tid 1817019] [client 104.207.56.37:22387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.amazinglips.com"] [uri "/.git/HEAD"] [unique_id "aSUtx5iXM9qjzOaPIgQkJwAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4864:20::745

🇩🇪 213.209.159.231

🇳🇱 176.65.139.103

🇺🇸 172.174.236.56

🇻🇳 171.231.196.85

🇮🇩 163.7.8.79

🇻🇳 116.110.146.55

🇩🇪 82.115.19.154

🇪🇬 196.221.207.125

🇬🇧 185.249.74.198

🇹🇷 185.219.133.156

🇺🇸 162.216.150.159

🇩🇪 141.11.187.21

🇵🇰 110.38.234.222

🇨🇳 103.219.32.239

🇱🇹 81.30.98.142

🇺🇸 68.37.58.155

🇺🇸 66.222.22.170

🇫🇷 62.210.142.166

🇺🇸 23.95.191.250