JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.10

104.207.61.10 was found in our database!

This IP was reported 91 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.10

Whois 104.207.61.10

IP Abuse Reports for 104.207.61.10:

This IP address has been reported a total of 91 times from 22 distinct sources. 104.207.61.10 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-12 04:29:44 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 HandyTreff.de	2026-06-09 19:28:20 (2 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -61.201 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -61.201 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack Bad Web Bot
🇩🇪 Bedios GmbH	2026-06-07 18:19:22 (2 weeks ago)	SQL backup theft attempt	Hacking
🇮🇹 VHosting	2026-05-25 13:25:04 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇮 inlink.ltd	2026-05-15 12:11:54 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 4server	2026-04-21 08:33:14 (2 months ago)	[TueApr2110:33:08.0063462026][security2:error][pid3025243:tid3025334][client104.207.61.10:0]ModSecur ... show more [TueApr2110:33:08.0063462026][security2:error][pid3025243:tid3025334][client104.207.61.10:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"grigorov.ch\"][uri\"/dump.sql\"][unique_id\"aec2RGR1Z2zCLsvvYp9b6wAAAE4\"] show less	Port Scan Brute-Force Web App Attack
🇪🇸 librebit	2026-04-08 07:30:33 (2 months ago)	Brute force	Brute-Force
Anonymous	2025-12-21 11:34:47 (6 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:15:15 (6 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-02 22:36:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:36:08.791669 2025] [security2:error] [pid 27115:tid 27115] [client 104.207.61.10:37047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aangfl.com"] [uri "/.env"] [unique_id "aS9p2Ib7SL__SsLf3tB0TAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:13:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:12:58.718947 2025] [security2:error] [pid 18984:tid 18984] [client 104.207.61.10:48567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artbytracyjane.com"] [uri "/.env"] [unique_id "aS9WWvtAq11RLKgfbzZciwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:21:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:21:24.701021 2025] [security2:error] [pid 26001:tid 26001] [client 104.207.61.10:30949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lavozdominicana.com"] [uri "/.svn/wc.db"] [unique_id "aS8D9JAsmxAV1v6QjDau7AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:59:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:59:48.630034 2025] [security2:error] [pid 24638:tid 24638] [client 104.207.61.10:52471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agapeaccountingllc.com"] [uri "/.git/HEAD"] [unique_id "aS7w1OHkxsoq5Ch12CTSigAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:07:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:07:01.285804 2025] [security2:error] [pid 28409:tid 28409] [client 104.207.61.10:11491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tempsetters.com"] [uri "/.env"] [unique_id "aS7WZVARvCRcTvEURveJZwAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:55:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:55:14.530239 2025] [security2:error] [pid 4656:tid 4656] [client 104.207.61.10:13667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springfieldtileexpert.com"] [uri "/.git/HEAD"] [unique_id "aS7Fkr1icpo9Tr6eWkxHYAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 91 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.191.98

🇺🇸 137.184.228.138

🇸🇬 20.157.117.15

🇮🇱 2.55.122.202

🇨🇳 222.176.201.57

🇧🇷 200.217.173.182

🇹🇼 198.235.24.48

🇩🇪 194.88.98.121

🇺🇸 184.105.247.194

🇧🇷 177.54.62.68

🇨🇳 120.48.27.74

🇮🇩 117.102.74.131

🇩🇪 51.89.45.116

🇳🇱 45.148.10.157

🇨🇳 222.212.75.110

🇩🇪 213.209.159.226

🇻🇪 201.221.114.186

🇺🇸 172.245.21.30

🇺🇸 172.239.51.109

🇯🇵 172.104.100.117