JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.39

104.207.58.39 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 49%: ?

49%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.39

Whois 104.207.58.39

IP Abuse Reports for 104.207.58.39:

This IP address has been reported a total of 130 times from 22 distinct sources. 104.207.58.39 was first reported on June 4th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-01 21:59:29 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-31. show less	Web App Attack SSH Hacking
Anonymous	2026-05-31 03:55:02 (6 days ago)	suspicious request in access.log	Web App Attack
🇫🇷 Little Iguana	2026-05-31 03:28:16 (6 days ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇺🇸 mnsf	2026-05-31 03:05:33 (6 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 02:44:02 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 22:43:58.350560 2026] [security2:error] [pid 14691:tid 14691] [client 104.207.58.39:57303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easyweb-publishing.com"] [uri "/.git/config"] [unique_id "ahugbjcyHPB5LsgYtG-gVwAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 EmK530	2026-05-31 02:43:21 (6 days ago)	URL flagged by RegEx: /.git/config	Web App Attack
🇩🇪 sverson	2026-05-20 03:53:59 (2 weeks ago)	Wordpress Attack Attempt	Web App Attack
🇱🇻 garmtech.com	2026-05-11 11:49:37 (3 weeks ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇦🇺 2000cn.com.au	2026-05-04 11:15:00 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 big-cloud.nl	2026-04-27 04:48:05 (1 month ago)	Try to access /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 03:49:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:49:55.694315 2026] [security2:error] [pid 31742:tid 31742] [client 104.207.58.39:53981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertseyewear.com"] [uri "/config/.env"] [unique_id "aZU24-8eipzKtmDrKWIafgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 01:08:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 20:08:01.971765 2026] [security2:error] [pid 25271:tid 25298] [client 104.207.58.39:11053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peapage.com"] [uri "/app/.env"] [unique_id "aZUQ8b8Y6e0pNsv3e1iewgAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:51:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:51:50.090942 2026] [security2:error] [pid 26308:tid 26308] [client 104.207.58.39:52655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulshorrock.com"] [uri "/new/.git/config"] [unique_id "aZUNJpX2QCLI-uyCA2I_dwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 11:04:47 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 19:59:00 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 172.253.90.19

🇫🇷 163.172.143.147

🇺🇸 216.25.89.102

🇨🇱 170.238.201.195

🇭🇰 168.76.131.178

🇨🇳 111.225.149.96

🇷🇺 88.205.172.170

🇳🇱 2.58.56.61

🇺🇸 162.216.149.226

🇵🇰 153.117.9.33

🇵🇱 143.20.97.213

🇻🇳 125.212.129.46

🇺🇸 20.29.24.158

🇻🇳 14.225.7.70

🇺🇸 216.25.89.154

🇩🇪 176.65.132.218

🇳🇱 81.19.216.72

🇺🇸 50.6.224.135

🇧🇷 45.205.1.243

🇳🇱 43.250.54.196