JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.139

104.207.55.139 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.139

Whois 104.207.55.139

IP Abuse Reports for 104.207.55.139:

This IP address has been reported a total of 137 times from 18 distinct sources. 104.207.55.139 was first reported on June 6th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 spamverify.com	2026-06-10 02:14:57 (3 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-02-05 09:28:08 (4 months ago)	(WPLOGIN) WP Login Attack 104.207.55.139 (DE/Germany/-): 3 in the last 3600 secs; Ports: ; Directio ... show more (WPLOGIN) WP Login Attack 104.207.55.139 (DE/Germany/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.55.139 - - [05/Feb/2026:16:27:55 +0700] "GET /wp-login.php HTTP/2.0" 200 2454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 104.207.55.139 - - [05/Feb/2026:16:28:03 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2454 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 104.207.55.139 - - [05/Feb/2026:16:28:05 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
Anonymous	2026-01-05 20:34:53 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-30 11:00:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:59:30.829717 2025] [security2:error] [pid 14726:tid 14726] [client 104.207.55.139:29837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.lazymanvegan.com"] [uri "/.svn/wc.db"] [unique_id "aVOwkpE5Pf7TPVp6wMY23wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:44:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:44:32.362659 2025] [security2:error] [pid 13094:tid 13094] [client 104.207.55.139:41549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "norbertesser.com"] [uri "/.env"] [unique_id "aVIjUC2u_suQtVySsPcXlAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:53:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:53:18.094609 2025] [security2:error] [pid 21990:tid 22000] [client 104.207.55.139:49461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "longevityworkout.com"] [uri "/.svn/wc.db"] [unique_id "aVIXTgEZ57qDUnmwicnLzAAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 18:22:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 13:22:43.944079 2025] [security2:error] [pid 5756:tid 5778] [client 104.207.55.139:55043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rubenluis.com"] [uri "/.svn/wc.db"] [unique_id "aVF1cxdoxV__GMiLZ0MMhwAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:32:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:32:55.088925 2025] [security2:error] [pid 26473:tid 26473] [client 104.207.55.139:22915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weddinganniversarynapkins.com"] [uri "/.env"] [unique_id "aVBelw5c40vBFAuXSTEowgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:38:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:38:22.827105 2025] [security2:error] [pid 31078:tid 31078] [client 104.207.55.139:34207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexissteinrauf.com"] [uri "/.env"] [unique_id "aVBDvqqLqQwnfo6t3xZNpQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:52:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:52:15.527609 2025] [security2:error] [pid 29233:tid 29233] [client 104.207.55.139:18887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cabocondoforrent.com"] [uri "/.env"] [unique_id "aVA47xarXVifgBWUdqUqMwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:05:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:05:08.768837 2025] [security2:error] [pid 29348:tid 29348] [client 104.207.55.139:23943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beachcitytshirts.com"] [uri "/.svn/wc.db"] [unique_id "aVADtI_Er7A6sLYYHU0o6QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 13:06:51 (5 months ago)	2025-12-27T15:06:50.674616+02:00 zanati wp(www.sahpa.co.za)[193496]: Blocked authentication attempt ... show more 2025-12-27T15:06:50.674616+02:00 zanati wp(www.sahpa.co.za)[193496]: Blocked authentication attempt for [email protected] from 104.207.55.139 ... show less	Web App Attack
🇩🇪 iNetWorker	2025-12-26 03:28:55 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇦🇺 oncord	2025-11-24 14:44:49 (6 months ago)	Form spam	Web Spam
🇪🇸 10dencehispahard SL	2025-11-19 07:10:34 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.188.93.169

🇸🇦 51.223.119.239

🇨🇳 180.167.128.203

🇫🇮 109.172.95.248

🇷🇴 80.94.92.177

🇺🇸 64.62.197.85

🇺🇸 64.62.197.77

🇸🇬 35.198.244.106

🇨🇳 27.11.199.101

🇮🇳 8.231.68.187

🇹🇼 198.235.24.68

🇧🇷 189.113.8.254

🇩🇪 167.94.146.47

🇮🇳 138.252.34.151

🇨🇳 111.198.51.131

🇺🇸 71.179.101.83

🇫🇷 51.75.127.195

🇨🇳 43.248.108.240

🇫🇮 35.228.63.131

🇧🇪 34.140.27.223