JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.56

104.207.56.56 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.56

Whois 104.207.56.56

IP Abuse Reports for 104.207.56.56:

This IP address has been reported a total of 141 times from 16 distinct sources. 104.207.56.56 was first reported on June 6th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-02-15 12:51:09 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 12:49:24 (4 months ago)	(modsecurity) srv101 ModSecurity 104.207.56.56 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Di ... show more (modsecurity) srv101 ModSecurity 104.207.56.56 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇷 LRob.fr	2026-02-15 12:45:01 (4 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:05:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:05:23.631963 2026] [security2:error] [pid 2827386:tid 2827386] [client 104.207.56.56:25365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerpathteam.org"] [uri "/test/.git/config"] [unique_id "aZG2gwrsrDGaYTrLoOHsUQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:54:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:54:54.171649 2026] [security2:error] [pid 21708:tid 21708] [client 104.207.56.56:48477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swindon-itf.com"] [uri "/new/.git/config"] [unique_id "aZFfrnMkKo6NCKoaeFW1gAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:48:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:48:44.767341 2026] [security2:error] [pid 21909:tid 21909] [client 104.207.56.56:35081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steveleeds.com"] [uri "/.env"] [unique_id "aZFCHLxd-jfoz4-aewqLtwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:54:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:54:02.713801 2026] [security2:error] [pid 1278:tid 1278] [client 104.207.56.56:28355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nancybarrera.com"] [uri "/app/.git/config"] [unique_id "aZE1Sl7aBkWcAhsmAiLaRAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:13:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:13:49.285056 2026] [security2:error] [pid 28124:tid 28124] [client 104.207.56.56:37385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spayinsulationpros.com"] [uri "/.git/config"] [unique_id "aZEr3TGx1e4b-vQ2x5UUbAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 01:36:40 (4 months ago)	http-sensitive-files - IP: 104.207.56.56 - time="2026-02-15T02:36:40+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.56.56 - time="2026-02-15T02:36:40+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.56.56 (DE/200373) : 4h ban on Ip 104.207.56.56" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:08:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:08:22.053034 2026] [security2:error] [pid 15676:tid 15676] [client 104.207.56.56:34683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxurymicrobikini.com"] [uri "/admin/.git/config"] [unique_id "aZEchooo0G9E4K8qGPHAIgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:26:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:26:08.665825 2026] [security2:error] [pid 1028192:tid 1028192] [client 104.207.56.56:15415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovestuff.net"] [uri "/admin/.git/config"] [unique_id "aZESoBWuJY3gXmhZN1XK5QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:09:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:09:37.583518 2026] [security2:error] [pid 1702:tid 1702] [client 104.207.56.56:45853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loriatrading.com"] [uri "/.env.production"] [unique_id "aZEOwTvyDkUMOeO2Ae4oNQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-14 23:00:50 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-14 22:55:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:55:31.213165 2026] [security2:error] [pid 21598:tid 21598] [client 104.207.56.56:58899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "linuxforpoets.com"] [uri "/.env.local"] [unique_id "aZD9Y9Xwt_Bc8Ev21es2TgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:00:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:00:34.244471 2026] [security2:error] [pid 22440:tid 22440] [client 104.207.56.56:23147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobiletitleclerk.com"] [uri "/v2/.git/config"] [unique_id "aZDwgtEg6WAeWdNU79DxOwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 217.198.191.195

🇩🇪 185.243.11.129

🇺🇸 66.132.172.238

🇺🇸 38.12.5.206

🇫🇷 217.182.193.175

🇹🇼 198.235.24.2

🇲🇽 187.237.47.214

🇺🇸 184.105.247.244

🇺🇸 170.106.195.244

🇮🇩 112.215.224.138

🇮🇳 103.186.151.106

🇫🇷 91.231.89.51

🇺🇸 67.213.119.29

🇳🇱 45.156.87.253

🇺🇸 3.19.75.136

🇩🇪 217.160.90.172

🇺🇸 208.84.100.164

🇺🇸 147.185.132.231

🇺🇸 147.185.132.211

🇻🇳 103.199.18.204