JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.85

104.207.39.85 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.85

Whois 104.207.39.85

IP Abuse Reports for 104.207.39.85:

This IP address has been reported a total of 149 times from 21 distinct sources. 104.207.39.85 was first reported on June 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ShadowWhisperer	2026-05-09 11:19:35 (1 month ago)	DOCKER port scan / probe. GET /secrets	Port Scan
🇩🇪 Spidrweb.co.uk	2026-03-23 18:33:32 (3 months ago)	Brute-Force WordPress attack (155.98)	Web App Attack
🇬🇧 relianoid.com	2026-03-21 22:07:43 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇪🇸 10dencehispahard SL	2026-01-26 07:28:30 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-02 20:18:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:18:50.129008 2025] [security2:error] [pid 15306:tid 15306] [client 104.207.39.85:16223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isleofcain.com"] [uri "/.env"] [unique_id "aS9JqqsOdomS9X3lSt2HCQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:39:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:39:35.137874 2025] [security2:error] [pid 7866:tid 7866] [client 104.207.39.85:21783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "infinite-e.com"] [uri "/.git/HEAD"] [unique_id "aS6lx70X1tE6foidi0MTrgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:31:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:31:45.632943 2025] [security2:error] [pid 12908:tid 12908] [client 104.207.39.85:32987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beachweddinginvites.com"] [uri "/.env"] [unique_id "aS6V4YX4SBsynB5ctluFGwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:42:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:42:08.421519 2025] [security2:error] [pid 2209:tid 2209] [client 104.207.39.85:43425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billhoy.com"] [uri "/.svn/wc.db"] [unique_id "aS5uIJMlV8OqnrG9Hj5k8QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:56 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-14 00:24:27 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇧🇷 hostseries	2025-10-25 06:34:30 (8 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-10-19 02:58:50 (8 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 02:18:37 (8 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.18 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 21:55:31 (8 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-13 19:54:09 (8 months ago)	GlobalProtect login attempts with user morenoyv.	VPN IP Brute-Force

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 202.194.98.239

🇲🇽 187.251.123.104

🇺🇸 147.185.132.70

🇺🇸 136.66.87.84

🇨🇳 120.192.179.168

🇺🇸 34.226.218.58

🇸🇪 194.195.91.4

🇺🇸 193.37.33.217

🇫🇮 185.148.1.18

🇺🇸 142.93.58.67

🇷🇴 141.98.83.240

🇬🇧 123.58.207.151

🇨🇳 113.206.183.199

🇫🇷 91.231.89.73

🇱🇻 81.30.98.49

🇳🇱 45.148.10.151

🇬🇧 35.203.210.37

🇨🇳 222.90.233.165

🇨🇱 190.114.32.252

🇧🇷 168.227.152.66