JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.72

104.207.56.72 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.72

Whois 104.207.56.72

IP Abuse Reports for 104.207.56.72:

This IP address has been reported a total of 147 times from 30 distinct sources. 104.207.56.72 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 [email protected]	2026-04-18 06:32:00 (1 month ago)	[Sat Apr 18 08:32:00.522301 2026] [authz_core:error] [pid 560720:tid 560800] [remote 104.207.56.72:1 ... show more [Sat Apr 18 08:32:00.522301 2026] [authz_core:error] [pid 560720:tid 560800] [remote 104.207.56.72:10353] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-04-11 13:45:06 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 03:05:29 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:04:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:04:24.181028 2026] [security2:error] [pid 4377:tid 4377] [client 104.207.56.72:10659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lancemarthaler.com"] [uri "/config/.env"] [unique_id "aY7pGFM3ZdpZ1VX0mpDeSgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 08:21:21 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:40:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:40:22.098177 2026] [security2:error] [pid 23230:tid 23326] [client 104.207.56.72:17791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kwainet.com"] [uri "/dev/.git/config"] [unique_id "aY7VZk0qaNF2Fp_hMVdCRwAAAco"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:22:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:22:11.084866 2026] [security2:error] [pid 1241588:tid 1241588] [client 104.207.56.72:33071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khaoula.com"] [uri "/new/.git/config"] [unique_id "aY6Y4x7_YlEXVDBpgZK-BQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:25:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:25:30.197011 2026] [security2:error] [pid 5732:tid 5732] [client 104.207.56.72:10375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelleysbridge.com"] [uri "/.env.staging"] [unique_id "aY6Lml58btUFykzVVZ0iVAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 02:06:09 (3 months ago)	Too many Status 40X (12) Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-13 01:26:30 (3 months ago)	Blocking for trying to access an exploit file: /backup/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-12 19:54:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:54:39.004165 2026] [security2:error] [pid 23003:tid 23003] [client 104.207.56.72:18997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ecomim.com"] [uri "/.env"] [unique_id "aY4v_5m35z-oYmslupMyTwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:36:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:36:20.268954 2026] [security2:error] [pid 30958:tid 30958] [client 104.207.56.72:62863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cptaxadvisors.com"] [uri "/.env.staging"] [unique_id "aY08pL1A49WsZFhzK1LUJgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 16:09:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 11:09:13.018593 2026] [security2:error] [pid 2773:tid 2784] [client 104.207.56.72:35107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edsonmedia.com"] [uri "/.env.save"] [unique_id "aYypqdVVFde0XD7ERO7GSgAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 11:27:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 06:27:42.120898 2026] [security2:error] [pid 22652:tid 22652] [client 104.207.56.72:54123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "countylockup.org"] [uri "/.env.local"] [unique_id "aYxnrvev6Q3BrQkf93PIcwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-10 19:50:40 (4 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.144.35.53

🇬🇧 87.106.35.227

🇫🇷 84.46.247.185

🇱🇹 81.30.98.144

🇩🇪 69.5.169.6

🇺🇸 66.132.186.172

🇨🇳 36.33.167.165

🇧🇪 198.235.24.252

🇸🇬 165.154.236.104

🇺🇸 136.144.35.54

🇺🇸 136.144.35.38

🇸🇬 101.47.15.26

🇺🇸 52.173.219.147

🇳🇱 45.148.10.152

🇷🇴 2.57.121.112

🇺🇸 2400:cb00:397:1000:88ac:afe9:a06c:a420

🇺🇸 205.210.31.37

🇯🇵 140.83.33.115

🇨🇳 123.245.84.244

🇺🇸 92.204.138.191