JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.7

104.207.56.7 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.7

Whois 104.207.56.7

IP Abuse Reports for 104.207.56.7:

This IP address has been reported a total of 102 times from 24 distinct sources. 104.207.56.7 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-15 12:49:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:49:05.873911 2026] [security2:error] [pid 5826:tid 5826] [client 104.207.56.7:31711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "todotex.com"] [uri "/admin/.env"] [unique_id "aZHAwXYJenmDTlCb7OBkowAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-02-15 12:15:04 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:41:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:41:35.431051 2026] [security2:error] [pid 15628:tid 15628] [client 104.207.56.7:60305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomaschemical.net"] [uri "/frontend/.env"] [unique_id "aZGw7696ODKH57Y788tVGAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-02-15 06:13:24 (3 months ago)	23 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /new/.git/config HTTP/1.1 GET ... show more 23 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /new/.git/config HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /config/.env HTTP/1.1 show less	Hacking
🇳🇱 jjnxpct	2026-02-15 04:48:35 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.staging (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.staging] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:24:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:24:50.611471 2026] [security2:error] [pid 27265:tid 27265] [client 104.207.56.7:36049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stricklinphotography.com"] [uri "/new/.git/config"] [unique_id "aZFKkjCZ8dFwRqLscMEYYAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 04:03:17 (3 months ago)	Try to access /app/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:51:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:51:23.656010 2026] [security2:error] [pid 32666:tid 32666] [client 104.207.56.7:32275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mycherishedteddies.com"] [uri "/v2/.git/config"] [unique_id "aZEmm6_-JQUvl7kFtiUhHgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:23:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:23:54.747630 2026] [security2:error] [pid 25535:tid 25535] [client 104.207.56.7:48901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "murciafm.com"] [uri "/config/.env"] [unique_id "aZEgKuqlN4esLsPJvJXqiQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 00:10:15 (3 months ago)	Blocking for trying to access an exploit file: /config/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-14 23:02:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:02:28.726684 2026] [security2:error] [pid 895636:tid 895636] [client 104.207.56.7:30391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisaslearningland.com"] [uri "/api/.git/config"] [unique_id "aZD_BGruQJ9Ljv99t8RhmAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-14 22:45:29 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-14 22:38:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:38:09.863989 2026] [security2:error] [pid 29225:tid 29225] [client 104.207.56.7:49193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "montebiancoltd.com"] [uri "/new/.git/config"] [unique_id "aZD5UYqiD0jC34zaInInPwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:21:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:21:48.627586 2026] [security2:error] [pid 24915:tid 24915] [client 104.207.56.7:32139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lietzau.net"] [uri "/frontend/.env"] [unique_id "aZD1fD-EyyjzZyMH7EJzDAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 194.165.16.164

🇺🇸 172.71.174.151

🇮🇩 163.7.1.156

🇷🇴 92.118.39.62

🇩🇪 69.5.169.177

🇰🇷 59.21.37.60

🇺🇸 20.55.99.64

🇨🇳 220.197.78.51

🇵🇰 182.188.47.215

🇫🇷 172.71.118.155

🇦🇿 172.71.17.135

🇲🇩 172.69.200.136

🇫🇷 146.70.40.68

🇩🇪 141.11.36.38

🇮🇳 122.185.101.50

🇺🇸 100.51.6.16

🇫🇷 91.231.89.67

🇸🇬 47.84.134.137

🇺🇸 2001:470:1:fb5::10b

🇩🇪 213.209.159.11