JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.84

104.207.56.84 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.84

Whois 104.207.56.84

IP Abuse Reports for 104.207.56.84:

This IP address has been reported a total of 126 times from 15 distinct sources. 104.207.56.84 was first reported on June 4th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-03 11:27:16 (5 days ago)	Known malicious PHP file or CMS probe	Web App Attack
🇬🇧 poundawebsiteltd	2026-05-12 16:21:15 (3 weeks ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.56.84 - - [12/May/2026:17 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.56.84 - - [12/May/2026:17:21:12 +0100] GET http://[REDACTED_DOMAIN]/.svn/wc.db HTTP/1.1 403 214 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇦🇺 MAGIC	2026-04-22 00:03:31 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 [email protected]	2026-04-17 22:28:38 (1 month ago)	[Sat Apr 18 00:28:37.966925 2026] [authz_core:error] [pid 560721:tid 560738] [remote 104.207.56.84:1 ... show more [Sat Apr 18 00:28:37.966925 2026] [authz_core:error] [pid 560721:tid 560738] [remote 104.207.56.84:14765] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-03-28 01:06:24 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:34:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:34:15.287776 2026] [security2:error] [pid 3803:tid 3803] [client 104.207.56.84:11563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthynatarajan.com"] [uri "/site/.git/config"] [unique_id "aY1YR9U9GeQCLUavW88mUgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:49 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 05:58:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:58:24.535873 2026] [security2:error] [pid 31274:tid 31274] [client 104.207.56.84:30699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iheldt.net"] [uri "/api/.git/config"] [unique_id "aYrJAPzB8TdmPgiJXXqK1wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:01:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:01:27.536258 2026] [security2:error] [pid 23199:tid 23238] [client 104.207.56.84:59555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icbc-canada.com"] [uri "/.git/config"] [unique_id "aYqtl316UGkN-LIDmLr2iwAAAI0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:12:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:11:55.810174 2026] [security2:error] [pid 24777:tid 24777] [client 104.207.56.84:30679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnen.org"] [uri "/admin/.env"] [unique_id "aYqh-_RLwFhftFnKq9pbjgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:53:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:53:37.863514 2026] [security2:error] [pid 31186:tid 31186] [client 104.207.56.84:26219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hxctechllc.com"] [uri "/new/.git/config"] [unique_id "aYqPoW0JTyMoo-5qaInhcgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:47:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:46:53.781628 2026] [security2:error] [pid 2616924:tid 2616924] [client 104.207.56.84:54931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.net"] [uri "/api/.env"] [unique_id "aYp__dYUlGaarYAxBec5lAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:32:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:32:46.473075 2026] [security2:error] [pid 410:tid 410] [client 104.207.56.84:62363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kayelynn.com"] [uri "/admin/.git/config"] [unique_id "aYpgjl8j0phCIeVZpO9F_QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:51:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:51:33.135415 2026] [security2:error] [pid 1442593:tid 1442593] [client 104.207.56.84:56299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hookedupfishing.net"] [uri "/.env.save"] [unique_id "aYpI1cMOzXRRh_Y74rfvmgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-03 01:02:04 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2401:4900:1ce1:c02:24bd:2768:ab5:56cd

🇵🇰 103.72.1.35

🇭🇰 101.36.127.85

🇸🇪 85.229.46.153

🇺🇸 50.62.22.47

🇩🇪 47.245.141.179

🇫🇷 45.95.233.88

🇳🇱 2a10:3c0:3:0:1:28:0:5

🇧🇷 170.150.93.73

🇺🇸 165.154.182.168

🇺🇸 152.32.236.180

🇺🇸 140.235.0.96

🇵🇭 122.54.88.152

🇰🇷 121.66.63.189

🇺🇸 91.230.168.176

🇺🇸 65.49.20.68

🇳🇱 64.89.162.167

🇺🇸 52.224.109.126

🇺🇸 45.55.226.206

🇭🇰 34.150.101.113