JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.64

104.207.56.64 was found in our database!

This IP was reported 117 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.64

Whois 104.207.56.64

IP Abuse Reports for 104.207.56.64:

This IP address has been reported a total of 117 times from 8 distinct sources. 104.207.56.64 was first reported on June 5th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TRoden	2026-06-03 21:19:51 (2 days ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
Anonymous	2026-05-25 10:14:38 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 4server	2026-05-12 16:56:15 (3 weeks ago)	[TueMay1218:56:08.6041912026][security2:error][pid320246:tid320318][client104.207.56.64:0]ModSecurit ... show more [TueMay1218:56:08.6041912026][security2:error][pid320246:tid320318][client104.207.56.64:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ecosuber.com\"][uri\"/.aws/credentials\"][unique_id\"agNbqAB9kmdLvNxDbaGkyQAAAIs\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:48:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:48:33.563150 2025] [security2:error] [pid 12701:tid 12701] [client 104.207.56.64:41725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.styxwetworld.com"] [uri "/.svn/wc.db"] [unique_id "aSUnERiGSyd_PjHxH-Sm5QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:29:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:29:37.495034 2025] [security2:error] [pid 1278:tid 1293] [client 104.207.56.64:21889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abroma.honeyled.com"] [uri "/.git/HEAD"] [unique_id "aSUioc-5_Q7Y14ElCf2KEwAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:10:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:27.049276 2025] [security2:error] [pid 26105:tid 26105] [client 104.207.56.64:49007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.b-kinibottom.com"] [uri "/.git/HEAD"] [unique_id "aSUQE8-4aqhRKQoDdirhdQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:36:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:36:10.784887 2025] [security2:error] [pid 1590769:tid 1590775] [client 104.207.56.64:39541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dontbeajerklikeyourwork.com.teritemme.com"] [uri "/.svn/wc.db"] [unique_id "aST5-mGwGZE4_DDLbJbdbAAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-11 08:13:02 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 17:51:39 (7 months ago)	Attempted brute force login to web vpn 234 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 234 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 23:06:40 (7 months ago)	Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.09 is noted in report t ... show more Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 23:54:19 (7 months ago)	Attempted brute force login to web vpn 199 time(s); last attempt for 2025.10.08 is noted in report t ... show more Attempted brute force login to web vpn 199 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-07 23:01:42 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.07 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 01:21:05 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 13:57:55 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 10:35:52 (1 year ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 117 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2601:406:4603:4510:e088:4b62:e07e:6657

🇳🇱 213.177.179.67

🇷🇴 2.57.121.112

🇦🇷 186.96.192.120

🇦🇷 181.116.220.140

🇻🇳 160.187.240.90

🇺🇸 92.118.112.56

🇱🇹 45.227.254.183

🇨🇦 23.234.84.156

🇮🇳 182.95.57.194

🇳🇱 178.16.53.245

🇦🇷 170.245.232.44

🇹🇭 147.50.227.79

🇨🇳 118.248.198.32

🇰🇪 105.27.148.94

🇨🇳 60.166.83.98

🇨🇳 222.176.200.18

🇨🇳 182.119.226.237

🇳🇱 176.65.139.173

🇺🇸 172.253.209.150