JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.159

104.207.61.159 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.159

Whois 104.207.61.159

IP Abuse Reports for 104.207.61.159:

This IP address has been reported a total of 133 times from 12 distinct sources. 104.207.61.159 was first reported on June 12th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 21:11:04 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:17 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-16 13:13:41 (3 weeks ago)	MatShield L7: blocked on justchat.icu (chrome-ua-hint-missing)	DDoS Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-15 00:00:26 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-11-27 13:38:26 (6 months ago)	Attempted brute force login to web vpn 2139 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2139 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 05:56:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:56:55.227446 2025] [security2:error] [pid 32746:tid 32746] [client 104.207.61.159:57827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.theopinionatedowl.com"] [uri "/.git/HEAD"] [unique_id "aSVFJ-antpTRtuYjjwtitwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:25:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:56.378612 2025] [security2:error] [pid 23990:tid 23990] [client 104.207.61.159:20979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.markrudin.com"] [uri "/.svn/wc.db"] [unique_id "aSUvmPKCM5enby_nVCsXKgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:25.563767 2025] [security2:error] [pid 5386:tid 5386] [client 104.207.61.159:37395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.git/HEAD"] [unique_id "aSUruYu3TvE2X1L7T7PXFgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:02:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:02:38.000351 2025] [security2:error] [pid 19943:tid 19943] [client 104.207.61.159:37907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.abeandmason.com"] [uri "/.env"] [unique_id "aSUcTTxARAg3OhOJJ0jfbAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:38.514289 2025] [security2:error] [pid 15422:tid 15422] [client 104.207.61.159:9843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mrbaystreet.com"] [uri "/.env"] [unique_id "aSUVCq9-8-aq3UGwy5sKTQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:33:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:33:34.176681 2025] [security2:error] [pid 16076:tid 16095] [client 104.207.61.159:43499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jonathanarlook.com"] [uri "/.svn/wc.db"] [unique_id "aST5Xo2OAmO1i2wCi7BzWAAAARE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:38:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:37:43.785140 2025] [security2:error] [pid 4802:tid 4802] [client 104.207.61.159:22833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.studioarmanni.com"] [uri "/.env"] [unique_id "aSQnZ7NT_uU82jFrke5_kQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:08:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:07:54.461129 2025] [security2:error] [pid 18192:tid 18233] [client 104.207.61.159:59703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "allstartaxidermy.com"] [uri "/.env"] [unique_id "aSP2OiagYJ-Jn6Tmn4s7JQAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 20:41:12 (6 months ago)	Attempted brute force login to web vpn 216 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 216 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 75.4.193.218

🇯🇵 8.216.16.144

🇫🇷 2001:861:c64:d40:58ec:fa6:517c:1d7f

🇺🇸 209.250.4.144

🇸🇪 193.189.100.196

🇮🇶 185.166.25.150

🇨🇳 120.209.186.110

🇻🇳 113.161.39.122

🇨🇳 106.117.109.139

🇮🇳 103.91.246.73

🇵🇰 72.255.33.190

🇰🇷 49.247.37.22

🇳🇱 45.148.10.141

🇺🇸 15.204.95.90

🇩🇪 203.188.189.46

🇮🇳 119.18.52.5

🇺🇸 107.21.47.135

🇷🇴 92.118.39.236

🇬🇧 35.203.211.231

🇨🇳 210.16.168.11