JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.198.139.72

104.198.139.72 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 57%: ?

57%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	72.139.198.104.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.198.139.72

Whois 104.198.139.72

IP Abuse Reports for 104.198.139.72:

This IP address has been reported a total of 21 times from 10 distinct sources. 104.198.139.72 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-09 22:01:38 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇷🇺 DZBOT	2026-06-09 16:45:56 (1 week ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇫🇷 masterguru	2026-06-09 04:51:45 (1 week ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking
🇳🇱 homeshowdomain.nl	2026-06-08 22:09:16 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇦🇱 router.al	2026-06-08 18:16:18 (1 week ago)	06/08/2026-18:16:18.353822 104.198.139.72 Protocol: 6 GPL WEB_SERVER 403 Forbidden	Port Scan
🇺🇸 TPI-Abuse	2026-06-08 17:14:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:14:17.083996 2026] [security2:error] [pid 23298:tid 23298] [client 104.198.139.72:45570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juhoanttila.com"] [uri "/.git/config"] [unique_id "aib4aWP3r5s4wEmu6pRoDAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:05:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:05:53.594053 2026] [security2:error] [pid 8827:tid 8827] [client 104.198.139.72:47956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.luenwowine.com"] [uri "/.git/config"] [unique_id "aibaUW6lWNlp3bO2hQDbMwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-06-08 14:38:41 (1 week ago)	104.198.139.72 - - [09/Jun/2026:00:38:25 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 ... show more 104.198.139.72 - - [09/Jun/2026:00:38:25 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.90 Safari/537.36" 104.198.139.72 - - [09/Jun/2026:00:38:40 +1000] "GET /.git/info/ HTTP/1.1" 200 932 "-" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" 104.198.139.72 - - [09/Jun/2026:00:38:40 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:11:52 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:11:49.679463 2026] [security2:error] [pid 17835:tid 17835] [client 104.198.139.72:53366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "breathofgodministry.com"] [uri "/.git/config"] [unique_id "aibNpfrPEAd0MTmGeRFo2gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 11:15:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:15:19.896738 2026] [security2:error] [pid 20220:tid 20220] [client 104.198.139.72:32926] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oogeothermal.com"] [uri "/.git/config"] [unique_id "aiakR9nu6vZ2B3SRCequ6gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-08 10:19:15 (1 week ago)	[MonJun0812:19:09.3768202026][security2:error][pid3760329:tid3760452][client104.198.139.72:0]ModSecu ... show more [MonJun0812:19:09.3768202026][security2:error][pid3760329:tid3760452][client104.198.139.72:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"cpanel.whatsdecor.ch\"][uri\"/.git/config\"][unique_id\"aiaXHRC1Hhsg86TBsbgtcAAAARM\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:22:12 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:22:04.311288 2026] [security2:error] [pid 20999:tid 20999] [client 104.198.139.72:58154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbrhualpen.cl"] [uri "/.git/config"] [unique_id "aiZ7rIBIqgdcNZwQE9q3tQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:19:20 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:19:12.246251 2026] [security2:error] [pid 12964:tid 12964] [client 104.198.139.72:48898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sellitwithsteve.com"] [uri "/.git/config"] [unique_id "aiZs8EQam7Eo-THSr0sWQwAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:36:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 104.198.139.72 (72.139.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:36:50.506978 2026] [security2:error] [pid 7211:tid 7229] [client 104.198.139.72:37300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.crosstheatreorg.pwrcoupling.com"] [uri "/.git/config"] [unique_id "aiZjAuRS3PWpjOmbSywyLgAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 06:15:02 (1 week ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.227.167.187

🇰🇷 211.62.96.42

🇻🇳 160.191.244.158

🇨🇳 60.188.58.133

🇳🇴 2a01:111:f403:d20f::3

🇫🇷 185.66.234.228

🇨🇳 171.117.102.33

🇮🇳 115.246.239.27

🇨🇳 111.228.21.101

🇺🇸 104.236.118.31

🇮🇩 103.188.177.46

🇺🇸 66.132.172.236

🇳🇱 45.148.10.151

🇺🇸 45.55.185.228

🇺🇸 34.56.50.6

🇯🇵 8.216.5.82

🇰🇷 218.150.184.241

🇧🇪 198.235.24.248

🇹🇼 198.235.24.87

🇺🇸 192.3.188.136