JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.6

104.207.56.6 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.6

Whois 104.207.56.6

IP Abuse Reports for 104.207.56.6:

This IP address has been reported a total of 88 times from 20 distinct sources. 104.207.56.6 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-03 11:42:18 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-02 00:10:07 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.56.6 20 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.56.6 2026-05-01 06:32:03 / 2026-05-01 06:36:30 / show less	Web App Attack
🇮🇹 [email protected]	2026-04-18 11:38:59 (2 months ago)	[Sat Apr 18 13:38:58.716354 2026] [authz_core:error] [pid 560720:tid 560759] [remote 104.207.56.6:52 ... show more [Sat Apr 18 13:38:58.716354 2026] [authz_core:error] [pid 560720:tid 560759] [remote 104.207.56.6:52981] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 octageeks.com	2026-02-13 05:06:29 (4 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
Anonymous	2026-01-05 20:35:07 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-12-28 03:03:49 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 VHosting	2025-12-23 15:10:16 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-26 23:18:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 18:18:07.624089 2025] [security2:error] [pid 16258:tid 16258] [client 104.207.56.6:50603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.exresearch.com"] [uri "/.env"] [unique_id "aSeKr0wWPPgIiU0Nxvh4LAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:58:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:58:53.221087 2025] [security2:error] [pid 1999:tid 1999] [client 104.207.56.6:18493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.raintechgutters.com"] [uri "/.env"] [unique_id "aSd4HSpwFkwcJ884Mn-iugAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:14:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:14:48.682126 2025] [security2:error] [pid 22859:tid 22859] [client 104.207.56.6:36353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vycestudiojuridico.tecnoconce.com"] [uri "/.env"] [unique_id "aSdtyJcVi9zzs97SHvKI1wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇹 NotACaptcha	2025-11-26 20:03:42 (6 months ago)	webserver:80 [26/Nov/2025] "GET /.aws/credentials HTTP/1.1" 302 483 "-" "Mozilla/5.0 (Macintosh; In ... show more webserver:80 [26/Nov/2025] "GET /.aws/credentials HTTP/1.1" 302 483 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:35:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:35:15.679413 2025] [security2:error] [pid 17227:tid 17227] [client 104.207.56.6:44275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.aguitas.com"] [uri "/.svn/wc.db"] [unique_id "aSbX49h4PENmV6yGPxt4fgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:13:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:13:17.006767 2025] [security2:error] [pid 14150:tid 14150] [client 104.207.56.6:53365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.prometheusfalling.com"] [uri "/.svn/wc.db"] [unique_id "aSVXDYDCO4RSajc6ZG0hCAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:58:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:58:10.693677 2025] [security2:error] [pid 512:tid 512] [client 104.207.56.6:46855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.scc1.us"] [uri "/.svn/wc.db"] [unique_id "aSVTgpQgZJ0QZHDw2a1rRwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:20:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:20:49.965606 2025] [security2:error] [pid 15171:tid 15171] [client 104.207.56.6:41287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ryszardwycisk.com"] [uri "/.git/HEAD"] [unique_id "aSVKweGfVMYtfo-Z5QwzlwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.149.53.243

🇸🇬 185.200.116.79

🇺🇸 147.185.132.12

🇵🇱 95.214.53.196

🇲🇦 81.192.46.29

🇵🇾 45.234.86.233

🇳🇱 45.148.10.152

🇳🇱 45.148.10.121

🇺🇸 45.146.55.229

🇬🇧 35.203.211.125

🇬🇧 35.203.211.21

🇬🇧 35.203.210.5

🇳🇱 176.65.149.180

🇺🇸 173.255.224.250

🇸🇬 165.154.205.128

🇺🇸 162.216.150.142

🇺🇸 152.32.207.124

🇯🇵 118.194.229.94

🇺🇸 108.181.23.71

🇺🇸 107.148.43.194