JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.39

104.207.55.39 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.39

Whois 104.207.55.39

IP Abuse Reports for 104.207.55.39:

This IP address has been reported a total of 146 times from 20 distinct sources. 104.207.55.39 was first reported on June 7th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-05 20:24:16 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:51 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 homeshowdomain.nl	2025-11-25 23:03:23 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 08:39:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:38:37.812184 2025] [security2:error] [pid 132008:tid 132017] [client 104.207.55.39:29765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.coloradospringsdermatology.com"] [uri "/.git/HEAD"] [unique_id "aSQZjQH-XN5lTt6cMbeLWgAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:42.422901 2025] [security2:error] [pid 1667:tid 1667] [client 104.207.55.39:11619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aupapierjaponais.com"] [uri "/.env"] [unique_id "aSQNYpbPKc1JFhOrbQ_FPwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 07:07:07 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:56:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:56:30.905519 2025] [security2:error] [pid 31961:tid 31961] [client 104.207.55.39:48885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.howtogetcoolstuffforfree.com"] [uri "/.env"] [unique_id "aSQBnnKVwvr8MitsEM6GxwAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:41:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:41:11.536018 2025] [security2:error] [pid 12040:tid 12040] [client 104.207.55.39:22013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ggaccounting.services"] [uri "/.git/HEAD"] [unique_id "aSPv927xulKD-5lxOTg6qgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:25:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:32.366406 2025] [security2:error] [pid 11031:tid 11031] [client 104.207.55.39:17513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.acraloc.com"] [uri "/.svn/wc.db"] [unique_id "aSPsTF68Cu0tvTHnBzhT3AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:34:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:34:45.915221 2025] [security2:error] [pid 23487:tid 23487] [client 104.207.55.39:52747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.serhanemre.com"] [uri "/.env"] [unique_id "aSPSVV-xMSLeQy0-Vp5_mQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-01 08:02:57 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇱🇻 garmtech.com	2025-10-30 12:47:58 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-47.104.207.55.39.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-47.104.207.55.39.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2025-10-24 00:17:55 (7 months ago)	wordpress-trap	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-21 04:41:58 (7 months ago)	WP Admin Scan Activities	Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 160.30.160.192

🇺🇸 146.88.241.56

🇳🇵 103.225.246.56

🇵🇱 95.214.53.196

🇫🇷 91.231.89.225

🇺🇸 66.132.186.221

🇺🇸 52.154.132.178

🇬🇧 35.203.210.37

🇮🇹 34.154.24.42

🇮🇪 2a05:d018:10df:d402:b062:2946:58ee:5af5

🇨🇳 218.13.157.209

🇳🇱 185.226.197.43

🇳🇱 176.65.139.55

🇺🇸 152.32.207.229

🇮🇩 119.235.220.213

🇨🇳 117.132.5.139

🇧🇩 103.161.105.4

🇮🇩 103.153.190.105

🇧🇩 103.153.110.190

🇮🇩 103.152.242.106