JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.57

104.207.56.57 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.57

Whois 104.207.56.57

IP Abuse Reports for 104.207.56.57:

This IP address has been reported a total of 134 times from 20 distinct sources. 104.207.56.57 was first reported on June 8th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 19:44:33 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-01-05 20:36:09 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-28 18:30:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 13:30:39.550288 2025] [security2:error] [pid 1699754:tid 1699773] [client 104.207.56.57:25213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lcncmo.com"] [uri "/.svn/wc.db"] [unique_id "aVF3T9MexX79ozvv7tMKJwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:41:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:41:00.361155 2025] [security2:error] [pid 10219:tid 10219] [client 104.207.56.57:58059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "villandance.com"] [uri "/.env"] [unique_id "aVCYvKHH8wKCaWq-XqUkuQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-27 21:51:35 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-27 21:06:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:06:27.800713 2025] [security2:error] [pid 1606:tid 1606] [client 104.207.56.57:43423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savannah-house.com"] [uri "/.svn/wc.db"] [unique_id "aVBKU4cbsarXrlqE-ZMe7AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:12:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:12:34.675133 2025] [security2:error] [pid 10640:tid 10640] [client 104.207.56.57:59795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buffaloweddingdeejay.com"] [uri "/.env"] [unique_id "aVAvolIiHdOWALe1giMhuQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 05:45:37 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 08:30:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:30:10.925690 2025] [security2:error] [pid 3757:tid 3757] [client 104.207.56.57:42347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.weathercarib.weathercarib.net"] [uri "/.env"] [unique_id "aSQXkhQu5bDdsSH8uCaXcAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 08:19:34 (6 months ago)	Probing to gain illegal access	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:16:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:16:29.853663 2025] [security2:error] [pid 30209:tid 30209] [client 104.207.56.57:37037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nmposters.com"] [uri "/.env"] [unique_id "aSQGTTTHVz1oTJKjRnl3pgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:58:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:58:35.060719 2025] [security2:error] [pid 24947:tid 24947] [client 104.207.56.57:46725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexgitlin.com"] [uri "/.svn/wc.db"] [unique_id "aSP0C53iWwrnki7_lWTX4wAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:38.885207 2025] [security2:error] [pid 2958:tid 2958] [client 104.207.56.57:17761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.salernospizza.com"] [uri "/.svn/wc.db"] [unique_id "aSPbco4Fa9PMqrEDE-9ZiAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-07 11:24:07 (6 months ago)	wordpress-trap	Web App Attack
🇩🇪 DEV-DNS	2025-11-04 05:05:30 (7 months ago)	(wordpress) Failed wordpress login from 104.207.56.57 (DE/Germany/State of Berlin/Berlin/-/[redacted ... show more (wordpress) Failed wordpress login from 104.207.56.57 (DE/Germany/State of Berlin/Berlin/-/[redacted]) show less	Brute-Force

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇨🇳 182.119.230.254

🇨🇳 27.221.13.239

🇦🇴 169.239.135.52

🇨🇳 110.177.176.4

🇨🇳 106.13.39.89

🇭🇰 103.210.21.242

🇧🇷 102.211.152.138

🇺🇸 43.130.32.245

🇰🇭 36.37.203.28

🇩🇪 8.209.83.1

🇺🇸 184.105.247.244

🇸🇬 114.119.142.84

🇰🇿 109.201.58.228

🇮🇩 41.216.178.119

🇳🇱 5.255.121.235

🇩🇪 213.209.159.236

🇲🇽 187.189.41.43

🇮🇩 163.7.3.26

🇸🇬 114.119.152.12