JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.198.89.61

104.198.89.61 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 51%: ?

51%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	61.89.198.104.bc.googleusercontent.com
Domain Name	google.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.198.89.61

Whois 104.198.89.61

IP Abuse Reports for 104.198.89.61:

This IP address has been reported a total of 18 times from 14 distinct sources. 104.198.89.61 was first reported on May 20th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-29 02:11:05 (11 hours ago)	[MonJun2904:11:00.8305342026][security2:error][pid2387056:tid2387182][client104.198.89.61:0]ModSecur ... show more [MonJun2904:11:00.8305342026][security2:error][pid2387056:tid2387182][client104.198.89.61:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"server8.4host.ch\"][uri\"/static/.git/config\"][unique_id\"akHUNEgyo1xbXd2GjI7LAgAAAQ8\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-29 02:08:15 (11 hours ago)	PSCSERV WPSCAN 104.198.89.61	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-29 00:18:39 (13 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇺🇸 mnsf	2026-06-29 00:06:03 (13 hours ago)	Abuse Detected (30)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-23 21:59:51 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-22. show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-05-22 20:37:57 (1 month ago)	2.006 requests with url.path .git/	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-22 19:03:19 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 15:03:13.443844 2026] [security2:error] [pid 1540:tid 1540] [client 104.198.89.61:33286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.therealseska.com"] [uri "/.git/config"] [unique_id "ahCoccNEUaQGOxE06h4TngAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 17:53:26 (1 month ago)	Try to connect to Port_Scan_443_stealth	Port Scan
🇺🇸 OceanTreasure	2026-05-22 13:45:05 (1 month ago)	tcp/443; Git configuration exposure attempt: "GET /.git/config" @ 2026-05-22T13:41:12Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 13:37:18 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:37:15.086347 2026] [security2:error] [pid 17277:tid 17277] [client 104.198.89.61:48944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yeswedeliver.org"] [uri "/.git/config"] [unique_id "ahBcC17FCYJDsJR8ylPgqQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 12:28:36 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 08:28:32.727462 2026] [security2:error] [pid 8367:tid 8367] [client 104.198.89.61:47356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gvimmobilier.com"] [uri "/.git/config"] [unique_id "ahBL8B_yy7ciVbq-tBLedAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-05-22 11:14:03 (1 month ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
Anonymous	2026-05-22 11:05:02 (1 month ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 09:33:06 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 104.198.89.61 (61.89.198.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 05:33:00.087526 2026] [security2:error] [pid 1124:tid 1124] [client 104.198.89.61:36214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.stoughtonpipeandwelding.net"] [uri "/.git/config"] [unique_id "ahAizO683GfH5SmLcSt3HQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-05-22 09:28:57 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 165.99.16.135

🇺🇸 172.104.11.51

🇸🇬 149.34.253.149

🇲🇦 105.74.203.108

🇺🇸 74.114.29.217

🇫🇷 62.171.165.232

🇳🇱 45.148.10.157

🇿🇲 41.63.63.211

🇹🇼 36.230.86.241

🇰🇷 211.245.36.214

🇮🇶 194.31.220.230

🇧🇷 179.181.181.116

🇮🇳 143.110.181.226

🇨🇳 115.190.172.63

🇨🇳 106.54.16.117

🇫🇷 91.196.152.11

🇫🇷 79.137.34.248

🇺🇸 34.71.199.124

🇺🇸 23.29.118.224

🇧🇪 198.235.24.173