JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.156

104.207.57.156 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.156

Whois 104.207.57.156

IP Abuse Reports for 104.207.57.156:

This IP address has been reported a total of 145 times from 19 distinct sources. 104.207.57.156 was first reported on June 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-06 15:54:39 (1 month ago)	507 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-23 22:43:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 17:43:16.344000 2026] [security2:error] [pid 24608:tid 24608] [client 104.207.57.156:17401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deltasouls.darrenj.com"] [uri "/.git/config"] [unique_id "aZzYBAi9flbwiifkhlOSGgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Blexyel	2026-02-23 17:56:54 (3 months ago)	104.207.57.156 - - [23/Feb/2026:17:56:49 +0000] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 104.207.57.156 - - [23/Feb/2026:17:56:49 +0000] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" ... show less	Brute-Force Web App Attack
🇧🇬 Stoyko Stoykov	2026-02-23 17:51:31 (3 months ago)	104.207.57.156 - - [23/Feb/2026:19:51:31 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 104.207.57.156 - - [23/Feb/2026:19:51:31 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 15:55:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 10:55:49.760031 2026] [security2:error] [pid 30593:tid 30608] [client 104.207.57.156:34995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cqaie.aafm.us"] [uri "/.git/config"] [unique_id "aZx4hZNOwSM1LI3jcBhHfQAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 10:22:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 05:22:01.077872 2026] [security2:error] [pid 5413:tid 5413] [client 104.207.57.156:41489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "santafe.jbaydeliveries.com"] [uri "/.git/config"] [unique_id "aZwqSdG8uaDS-s5Xzs3BdAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 02:43:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 21:43:38.824744 2025] [security2:error] [pid 8355:tid 8355] [client 104.207.57.156:24979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnerakhareedu.com"] [uri "/.git/HEAD"] [unique_id "aTov2hIohFT8bclS1TZ0DgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-12-09 09:48:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:48:43.387723 2025] [security2:error] [pid 8197:tid 8197] [client 104.207.57.156:48011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "48consultancy.com"] [uri "/.git/HEAD"] [unique_id "aTfwe1CFdjvj8mTIU0AZkAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-12-06 02:03:09 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.156 (DE/Germany/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.156 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:20:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:20:27.453099 2025] [security2:error] [pid 32749:tid 32749] [client 104.207.57.156:27689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partybuswhistler.com"] [uri "/.git/HEAD"] [unique_id "aTL4O-0XAZp1zzjsuy0tHgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:43:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:43:41.840533 2025] [security2:error] [pid 27129:tid 27129] [client 104.207.57.156:46179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shirtzz.com"] [uri "/.env"] [unique_id "aTKpTRZBxAC-iWUi6WIFawAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:55:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:55:17.846163 2025] [security2:error] [pid 25675:tid 25675] [client 104.207.57.156:18543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thehiddengemmalta.com"] [uri "/.svn/wc.db"] [unique_id "aTKd9eYDdVKsKvubvQwOaQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:13:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:13:32.762656 2025] [security2:error] [pid 27389:tid 27389] [client 104.207.57.156:32473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srcatshow.com"] [uri "/.git/HEAD"] [unique_id "aTKULJ8d9FLEo2TB3lEcnQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:26:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:26:24.084333 2025] [security2:error] [pid 27828:tid 27828] [client 104.207.57.156:50145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ncogtrains.com"] [uri "/.env"] [unique_id "aTJtAJamuWYnguod2kevcAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.204.180.129

🇺🇸 162.217.162.178

🇸🇬 149.28.149.208

🇬🇧 92.27.101.99

🇵🇹 89.153.125.230

🇺🇸 40.124.185.240

🇹🇷 213.142.156.145

🇸🇪 172.234.104.44

🇺🇸 162.216.149.98

🇮🇳 152.32.156.138

🇨🇳 101.33.237.5

🇷🇺 94.29.124.154

🇩🇪 165.232.118.73

🇺🇸 155.138.225.147

🇨🇳 123.163.51.4

🇱🇹 62.60.130.169

🇱🇹 45.227.254.170

🇳🇱 45.148.10.151

🇺🇸 216.73.216.28

🇺🇸 162.217.162.109