JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.56.9

104.207.56.9 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.56.9

Whois 104.207.56.9

IP Abuse Reports for 104.207.56.9:

This IP address has been reported a total of 80 times from 17 distinct sources. 104.207.56.9 was first reported on June 12th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 georgengelmann	2026-05-22 04:32:32 (2 weeks ago)	Failed login attempt for administrator	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-05-02 13:04:16 (1 month ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:39 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:27:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:27:21.895107 2025] [security2:error] [pid 4858:tid 4858] [client 104.207.56.9:30535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.hardcountryrock.com"] [uri "/.git/HEAD"] [unique_id "aSbkGcBkR24QBSR358jTaQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:13:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:13:41.396422 2025] [security2:error] [pid 2716924:tid 2716924] [client 104.207.56.9:24899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcadiapropertiesllc.starrmail.net"] [uri "/.svn/wc.db"] [unique_id "aSbS1edflwYh4Nj1dc7jFAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:14:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:14:01.131727 2025] [security2:error] [pid 9606:tid 9648] [client 104.207.56.9:21901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.fishrapper.com"] [uri "/.git/HEAD"] [unique_id "aSbE2SFyBWeOsnO3zv5tLgAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:34:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:34:30.727001 2025] [security2:error] [pid 26169:tid 26169] [client 104.207.56.9:46401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.geriart.net"] [uri "/.svn/wc.db"] [unique_id "aSa7lhAiZvrNuJZScoUpaQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:32:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:32:14.202131 2025] [security2:error] [pid 7189:tid 7189] [client 104.207.56.9:26087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.miranda-race-walks.com"] [uri "/.env"] [unique_id "aSae7swYShpNHIJJO3PkQQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:00:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:00:46.794021 2025] [security2:error] [pid 6265:tid 6265] [client 104.207.56.9:53581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cruisingforsex.com"] [uri "/.env"] [unique_id "aSZ7bk6WVEebItc7zKfidgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:03:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:03:16.486158 2025] [security2:error] [pid 21500:tid 21500] [client 104.207.56.9:54133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "music.garretthillary.com"] [uri "/.git/HEAD"] [unique_id "aSZt9CONofzZVi4V2wLvKwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:18:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:18:22.415639 2025] [security2:error] [pid 5318:tid 5338] [client 104.207.56.9:52667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kellenlee.mailme.name"] [uri "/.git/HEAD"] [unique_id "aSZVXotQIEBqnJukf2LFDgAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:29:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:29:43.397441 2025] [security2:error] [pid 2523:tid 2523] [client 104.207.56.9:51855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.longsans.com"] [uri "/.svn/wc.db"] [unique_id "aSQXd1E4282QbKmsl2ugWAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:21.657299 2025] [security2:error] [pid 27404:tid 27404] [client 104.207.56.9:49597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tylercomputing.soviaenterprises.com"] [uri "/.svn/wc.db"] [unique_id "aSQNTUWZQrZItrF1FPpfuAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:41:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:41:29.710045 2025] [security2:error] [pid 4271:tid 4271] [client 104.207.56.9:36123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lancehancock.com"] [uri "/.env"] [unique_id "aSP-GVZLbfXwv14H9GOW-gAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:12:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.56.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:12:18.017391 2025] [security2:error] [pid 16663:tid 16663] [client 104.207.56.9:49145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.roguetechhub.com"] [uri "/.git/HEAD"] [unique_id "aSPpMvwXodnCqk3GcxE1dQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.206.182.201

🇵🇱 188.122.27.175

🇮🇶 185.187.205.167

🇺🇸 167.88.167.212

🇪🇨 157.100.120.84

🇨🇳 116.205.133.97

🇺🇸 75.127.15.105

🇸🇬 47.84.108.87

🇸🇬 47.79.15.35

🇻🇳 27.79.44.206

🇺🇸 13.217.227.148

🇩🇪 8.211.43.10

🇳🇱 5.255.118.168

🇺🇸 2607:f8b0:4002:c2c::126

🇻🇳 171.243.149.218

🇮🇳 152.52.243.58

🇭🇰 152.32.187.177

🇭🇰 152.32.172.177

🇰🇷 121.183.76.63

🇸🇬 104.194.154.210