JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.194.140.104

104.194.140.104 was found in our database!

This IP was reported 165 times. Confidence of Abuse is 100%: ?

100%

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS198983
Hostname(s)	104.140.194.104.static.cloudzy.com
Domain Name	cloudzy.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.194.140.104

Whois 104.194.140.104

IP Abuse Reports for 104.194.140.104:

This IP address has been reported a total of 165 times from 112 distinct sources. 104.194.140.104 was first reported on June 9th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-13 16:04:07 (2 weeks ago)	POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1 POST /hello.world?%A ... show more POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1 POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1 POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1 show less	Port Scan Hacking Web App Attack
🇮🇹 demonsword	2026-06-13 11:09:46 (2 weeks ago)	SSH brute-force detected: 5 failed login attempts in the last 1 hour.	Brute-Force SSH
🇮🇹 demonsword	2026-06-13 10:09:42 (2 weeks ago)	SSH brute-force detected: 15 failed login attempts in the last 1 hour.	Brute-Force SSH
🇫🇮 6kilowatti	2026-06-13 10:05:56 (2 weeks ago)	2026-06-13T13:05:55.480921+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-13T13:05:55.480921+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=104.194.140.104 DST=83.148.240.21 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=50515 PROTO=TCP SPT=47232 DPT=2375 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 Andrew	2026-06-13 09:46:48 (2 weeks ago)	Blocked by UFW (TCP on port 23). Source port: 42150 TTL: 57 Packet length: 40 TOS: 0x00 This report ... show more Blocked by UFW (TCP on port 23). Source port: 42150 TTL: 57 Packet length: 40 TOS: 0x00 This report (for 104.194.140.104) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇮🇹 demonsword	2026-06-13 09:09:42 (2 weeks ago)	SSH brute-force detected: 16 failed login attempts in the last 1 hour.	Brute-Force SSH
🇮🇹 NonOggiCaroMio	2026-06-13 08:37:59 (2 weeks ago)	Arruso ca si: crowdsecurity/http-cve-2021-41773	Brute-Force
🇩🇪 bescared	2026-06-13 07:44:42 (2 weeks ago)	F2B - Malicious activity detected. URL Probing. -8ff06ede-	Hacking Bad Web Bot Web App Attack
🇩🇪 sigurg	2026-06-13 06:37:43 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-cve-2021-41773	Web App Attack Hacking
🇩🇪 strxmpp	2026-06-13 05:55:56 (2 weeks ago)	104.194.140.104 - - [13/Jun/2026:07:55:55 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/. ... show more 104.194.140.104 - - [13/Jun/2026:07:55:55 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 527 "-" "libredtail-http" ... show less	Bad Web Bot
🇺🇸 MPL	2026-06-13 05:54:20 (2 weeks ago)	tcp/23 (2 or more attempts)	Port Scan
🇵🇱 Nevex	2026-06-13 05:19:53 (2 weeks ago)	Failed 10 attempts using usernames: admin, orangepi, test, user, cirros, rpc, user1 and kali	Brute-Force SSH
Anonymous	2026-06-13 04:54:00 (2 weeks ago)	104.194.140.104 - - [13/Jun/2026:12:54:00 +0800] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+ ... show more 104.194.140.104 - - [13/Jun/2026:12:54:00 +0800] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 301 178 "-" "libredtail-http" show less	Brute-Force SSH
Anonymous	2026-06-13 04:53:07 (2 weeks ago)	Repeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed ... show more Repeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed authentication attempts from this IP across an extended period. show less	Brute-Force SSH
🇩🇪 pscriptos	2026-06-13 04:26:11 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2017-9841	Web App Attack

Showing 1 to 15 of 165 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 216.155.93.75

🇭🇰 199.45.154.186

🇺🇸 172.110.223.203

🇺🇸 148.153.193.27

🇵🇰 103.173.7.233

🇸🇳 41.82.78.175

🇬🇧 35.203.211.13

🇦🇲 185.215.55.95

🇯🇵 172.104.100.117

🇺🇸 162.216.149.36

🇳🇱 144.31.158.46

🇸🇬 103.13.206.100

🇺🇸 66.132.224.28

🇺🇸 52.167.144.176

🇬🇧 35.203.210.190

🇬🇪 2.57.217.229

🇳🇱 204.76.203.15

🇺🇸 162.216.150.172

🇨🇳 119.180.38.120

🇫🇷 81.17.100.193