JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.104.138.118

185.104.138.118 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 13%: ?

13%

ISP	Icomera AB
Usage Type	Fixed Line ISP
ASN	AS398830
Hostname(s)	ip-185-104-138-118.ptr.icomera.net
Domain Name	icomera.com
Country	🇩🇪 Germany
City	Hannover, Lower Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.104.138.118

Whois 185.104.138.118

IP Abuse Reports for 185.104.138.118:

This IP address has been reported a total of 9 times from 5 distinct sources. 185.104.138.118 was first reported on September 27th 2025, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Tamsy	2026-06-18 07:55:42 (22 hours ago)	HTTPD - Web Application vulnerability scan	Web App Attack
🇩🇪 strzonnek	2026-06-04 20:22:53 (2 weeks ago)	attack on webform	Brute-Force Web App Attack
🇩🇪 bontekoe.technology	2026-03-21 10:58:12 (2 months ago)	Port scan or Brute-Force detected. (src_port=58331, dst_port=443)	Brute-Force
🇩🇪 bontekoe.technology	2026-03-21 10:03:35 (2 months ago)	Port scan or Brute-Force detected. (src_port=57816, dst_port=443)	Brute-Force
🇩🇪 bontekoe.technology	2026-03-02 10:02:01 (3 months ago)	Port scan or Brute-Force detected. (src_port=54651, dst_port=443)	Brute-Force
🇩🇪 bontekoe.technology	2026-03-02 09:04:37 (3 months ago)	Port scan or Brute-Force detected. (src_port=53711, dst_port=443)	Brute-Force
Anonymous	2026-02-19 05:51:16 (4 months ago)	[Thu Feb 19 06:51:15.568794 2026] [security2:error] [pid 2535:tid 2535] [client 185.104.138.118:4287 ... show more [Thu Feb 19 06:51:15.568794 2026] [security2:error] [pid 2535:tid 2535] [client 185.104.138.118:42874] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "77"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.7"] [tag "anomaly-evaluation"] [hostname "seafile.nb6.de"] [uri "/index.php"] [unique_id "aZak001BfCkFSXPXcd-MGwAAAAI"] [Thu Feb 19 06:51:15.655918 2026] [security2:error] [pid 2535:tid 2535] [client 185.104.138.118:42874] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "77"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.7"] [tag "anomaly-evaluation"] [hostname "seafile.nb6.de"] [uri "/index.php"] [unique_id "aZak001BfC ... show less	Brute-Force
Anonymous	2026-02-19 05:20:59 (4 months ago)	2026-02-19T06:20:58.036960+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: warning: ip-185-104-138-118. ... show more 2026-02-19T06:20:58.036960+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: warning: ip-185-104-138-118.ptr.icomera.net[185.104.138.118]: SASL PLAIN authentication failed: generic failure, sasl_username=corona.berlinersc-badminton 2026-02-19T06:20:58.144783+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: warning: ip-185-104-138-118.ptr.icomera.net[185.104.138.118]: SASL PLAIN authentication failed: generic failure, sasl_username=corona.berlinersc-badminton 2026-02-19T06:20:58.459023+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: warning: ip-185-104-138-118.ptr.icomera.net[185.104.138.118]: SASL LOGIN authentication failed: generic failure, sasl_username=corona.berlinersc-badminton 2026-02-19T06:20:58.831020+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: warning: ip-185-104-138-118.ptr.icomera.net[185.104.138.118]: SASL LOGIN authentication failed: generic failure, sasl_username=corona.berlinersc-badminton 2026-02-19T06:20:58.940423+01:00 mail.nb6.de postfix/smtps/smtpd[2683]: disconnect from ip-1 ... show less	Brute-Force
Anonymous	2025-09-27 08:02:16 (8 months ago)	Web attack	Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.231

🇧🇪 130.211.61.52

🇬🇧 35.203.210.5

🇮🇳 223.184.171.194

🇺🇸 212.102.40.218

🇵🇱 138.124.20.112

🇹🇭 124.122.62.157

🇸🇬 101.47.25.139

🇧🇼 83.143.28.194

🇸🇬 47.84.143.191

🇨🇳 43.248.108.235

🇺🇸 18.216.136.247

🇺🇸 2607:f8b0:4004:1000::122

🇳🇱 185.223.235.61

🇬🇧 176.126.78.131

🇸🇬 129.212.239.203

🇺🇸 103.196.9.224

🇱🇹 81.30.98.49

🇳🇱 72.56.99.97

🇺🇸 71.6.199.65