JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.139

104.207.57.139 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.139

Whois 104.207.57.139

IP Abuse Reports for 104.207.57.139:

This IP address has been reported a total of 126 times from 16 distinct sources. 104.207.57.139 was first reported on June 5th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-23 07:37:21 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-05 20:06:12 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-21 13:03:41 (5 months ago)	Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 22:45:59 (5 months ago)	Attempted brute force login to web vpn 145 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 145 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-01 23:26:22 (6 months ago)	Attempted brute force login to web vpn 951 time(s); last attempt for 2025.12.01 is noted in report t ... show more Attempted brute force login to web vpn 951 time(s); last attempt for 2025.12.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-30 23:28:57 (6 months ago)	Attempted brute force login to web vpn 899 time(s); last attempt for 2025.11.30 is noted in report t ... show more Attempted brute force login to web vpn 899 time(s); last attempt for 2025.11.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-27 23:28:43 (6 months ago)	Attempted brute force login to web vpn 2343 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2343 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 10:31:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:31:15.762064 2025] [security2:error] [pid 23015:tid 23015] [client 104.207.57.139:58975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "basse.lahamradio.com"] [uri "/.env"] [unique_id "aSbW83NkBmnMnZBvWFO-xwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:32:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:32:17.236288 2025] [security2:error] [pid 7929:tid 7929] [client 104.207.57.139:42655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kingdombuilderschurchmd.org"] [uri "/.svn/wc.db"] [unique_id "aSZYodjtFKLX5kv5qOyI1QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:57:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:56:55.718073 2025] [security2:error] [pid 18789:tid 18789] [client 104.207.57.139:42729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cometoorderva.com"] [uri "/.env"] [unique_id "aSPzp6U6kerpEVuneY8weQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 23:09:48 (6 months ago)	Attempted brute force login to web vpn 271 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 271 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2025-11-17 13:35:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇪🇸 el-brujo	2025-11-17 07:03:18 (6 months ago)	[Mon Nov 17 08:03:17.777568 2025] [proxy_fcgi:error] [pid 1156805:tid 1157668] [remote 104.207.57.13 ... show more [Mon Nov 17 08:03:17.777568 2025] [proxy_fcgi:error] [pid 1156805:tid 1157668] [remote 104.207.57.139:0] AH01071: Got error 'Primary script unknown', referer: https://www.google.com [Mon Nov 17 08:03:18.239746 2025] [proxy_fcgi:error] [pid 1156805:tid 1157613] [remote 104.207.57.139:0] AH01071: Got error 'Primary script unknown', referer: https://www.google.com ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 10:12:30 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.57.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:12:25.345586 2025] [security2:error] [pid 2602:tid 2602] [client 104.207.57.139:15789] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mroxyge1.mroxygen.org\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mroxyge1.mroxygen.org"] [uri "/s3cmd.ini"] [unique_id "aRWvCQl4cvcOWFdonwFZDgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-30 21:37:12 (7 months ago)	WP Admin Scan Activities	Web App Attack

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 160.30.20.178

🇭🇰 104.28.166.47

🇯🇵 34.153.223.48

🇺🇸 145.223.7.39

🇺🇸 143.42.1.44

🇨🇳 121.89.86.241

🇨🇦 85.217.149.42

🇩🇪 69.5.169.182

🇩🇪 69.5.169.168

🇳🇱 45.148.10.152

🇦🇺 34.116.98.62

🇧🇪 34.22.116.168

🇨🇳 14.153.241.17

🇰🇷 1.212.225.99

🇲🇽 187.188.39.146

🇸🇬 118.26.111.107

🇩🇪 62.133.60.87

🇳🇱 52.233.193.61

🇫🇷 51.68.34.131

🇺🇸 45.79.207.71