JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 187.56.204.4

187.56.204.4 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 63%: ?

63%

ISP	TELEFÔNICA BRASIL S.A
Usage Type	Fixed Line ISP
ASN	AS27699
Hostname(s)	187-56-204-4.dsl.telesp.net.br
Domain Name	telefonica.com.br
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 187.56.204.4

Whois 187.56.204.4

IP Abuse Reports for 187.56.204.4:

This IP address has been reported a total of 21 times from 10 distinct sources. 187.56.204.4 was first reported on June 3rd 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 20:34:52 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): ... show more (mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:34:46.726786 2026] [security2:error] [pid 30557:tid 30557] [client 187.56.204.4:33544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sirio-b.com"] [uri "/.git/config"] [unique_id "aiMy5hHmAQZ7HZrSgw6bwgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-05 20:07:35 (7 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "python" at REQUEST_HEADERS:User-Agent. (1100000-196 ... show more BAD BOT - Detected and Blocked.. Matched phrase "python" at REQUEST_HEADERS:User-Agent. (1100000-196) show less	Bad Web Bot
🇪🇸 elcruzado.es	2026-06-05 19:22:24 (7 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 187.56.204.4 (BR/Brazil/187-56-204-4.ds ... show more (mod_security) mod_security triggered on hostname [redacted] 187.56.204.4 (BR/Brazil/187-56-204-4.dsl.telesp.net.br) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-05 19:04:12 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): ... show more (mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 15:04:08.848146 2026] [security2:error] [pid 9628:tid 9628] [client 187.56.204.4:18621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/composer.json"] [unique_id "aiMdqKpMEJtQmNtc0el-8QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 18:32:42 (8 hours ago)	Banned by Fail2Ban on server	Web App Attack
🇧🇷 dominioz	2026-06-05 13:03:12 (14 hours ago)	2026-06-05 13:02:46 GET /.env - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 301 564 2026-06-05 ... show more 2026-06-05 13:02:46 GET /.env - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 301 564 2026-06-05 13:02:46 GET /.git/config - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 301 578 2026-06-05 13:02:47 GET /backup.sql - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 301 595 2026-06-05 13:02:47 GET /dump.sql - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 301 591 ... show less	Web App Attack
🇧🇷 dominioz	2026-06-04 23:48:27 (1 day ago)	2026-06-04 23:47:05 GET /.env - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 404 39241 2026-06-0 ... show more 2026-06-04 23:47:05 GET /.env - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 404 39241 2026-06-04 23:47:07 GET /.env.local - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 404 39241 2026-06-04 23:47:10 GET /.env.production - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 404 39241 2026-06-04 23:47:12 GET /.git/config - - 187.56.204.4 HTTP/1.1 python-requests/2.33.1 - 404 39241 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:49:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): ... show more (mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:49:05.770618 2026] [security2:error] [pid 13282:tid 13282] [client 187.56.204.4:53430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.andrew.weigel.name"] [uri "/web.config"] [unique_id "aiHy0UpHYHlLWxZjOfwnVwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-04 14:13:06 (1 day ago)	27 attempts against mh_ha-misbehave-ban on ec102967	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-04 13:06:47 (1 day ago)	115 attempts against mh_ha-misbehave-ban on ec102967	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:07:07 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): ... show more (mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:07:04.120664 2026] [security2:error] [pid 2098:tid 2098] [client 187.56.204.4:26285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalsolutions.technology"] [uri "/.env.production"] [unique_id "aiFqaJ5DNMVkeiHXJPtPCwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 11:17:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): ... show more (mod_security) mod_security (id:210492) triggered by 187.56.204.4 (187-56-204-4.dsl.telesp.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 07:17:19.931719 2026] [security2:error] [pid 4446:tid 4446] [client 187.56.204.4:53352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.liverpoolfootballprogrammes.com"] [uri "/.env"] [unique_id "aiFev0FMWL9fviEwiOxhWwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-04 10:33:04 (1 day ago)	BAD BOT - Detected and Blocked.. Matched phrase "python-requests" at REQUEST_HEADERS:User-Agent. (11 ... show more BAD BOT - Detected and Blocked.. Matched phrase "python-requests" at REQUEST_HEADERS:User-Agent. (1100000-131) show less	Bad Web Bot
🇨🇭 4server	2026-06-04 10:29:49 (1 day ago)	[ThuJun0412:29:43.7924712026][security2:error][pid3714706:tid3714885][client187.56.204.4:0]ModSecuri ... show more [ThuJun0412:29:43.7924712026][security2:error][pid3714706:tid3714885][client187.56.204.4:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.hosting-domain-swiss.ch\"][uri\"/.env\"][unique_id\"aiFTl5DbvLQ54Ffqg9QxQwAAAEo\"] show less	Hacking Web App Attack
🇳🇱 Savvii	2026-06-04 10:06:18 (1 day ago)	20 attempts against mh_ha-misbehave-ban on choy	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 206.0.187.62

🇮🇳 205.254.166.123

🇧🇷 177.39.120.200

🇺🇸 162.216.150.131

🇺🇸 72.253.251.7

🇺🇸 34.86.112.56

🇺🇸 2a03:2880:15ff:42::

🇮🇩 2001:448a:70ae:584d:c8a1:5606:4ca8:7198

🇺🇸 205.210.31.72

🇨🇳 203.2.115.107

🇱🇹 194.165.16.166

🇸🇬 178.128.51.84

🇮🇳 152.32.158.69

🇩🇪 151.243.11.248

🇫🇮 147.185.133.145

🇹🇼 106.1.179.116

🇭🇰 101.79.167.192

🇺🇸 66.132.224.56

🇸🇬 47.236.50.40

🇬🇧 45.82.76.112