JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.164

104.207.61.164 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.164

Whois 104.207.61.164

IP Abuse Reports for 104.207.61.164:

This IP address has been reported a total of 133 times from 16 distinct sources. 104.207.61.164 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-04-01 14:30:04 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 Psycho Solutions LLC	2026-03-14 22:12:12 (2 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N/A - Timestamp: 3/14/2026 10:12 pm (UTC-6) show less	Web App Attack Bad Web Bot Web Spam Hacking
🇩🇪 F242	2026-01-02 13:43:32 (5 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:46:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:46:12.676387 2025] [security2:error] [pid 20941:tid 20941] [client 104.207.61.164:31477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeanniemorrislaw.com"] [uri "/.env"] [unique_id "aVCZ9MIGgEPdJhbqHwTXhQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:21:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:20:58.096250 2025] [security2:error] [pid 2852:tid 2863] [client 104.207.61.164:56115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lakebridge.com"] [uri "/.git/HEAD"] [unique_id "aVAVeneq7BsfisjpkAY8xwAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 17:25:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 12:25:07.631242 2025] [security2:error] [pid 4111:tid 4111] [client 104.207.61.164:48203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cottrellfamily.com.cottrel.com"] [uri "/.git/HEAD"] [unique_id "aSc38yT8yG1FHgz_ur93FgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:44:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:43:53.671786 2025] [security2:error] [pid 7534:tid 7534] [client 104.207.61.164:43763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.protucaribe.com"] [uri "/.svn/wc.db"] [unique_id "aSVQKQG2NPAUxGRYYfwulgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:18:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:18:19.419580 2025] [security2:error] [pid 11509:tid 11509] [client 104.207.61.164:49169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pensbybruno.com"] [uri "/.git/HEAD"] [unique_id "aSVKK_HDUaL6I6Y-RaiI_wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:15:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:15:28.385896 2025] [security2:error] [pid 10747:tid 10767] [client 104.207.61.164:21163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.newleafpro.com"] [uri "/.env"] [unique_id "aSU7cF2GfO2s-Qdwr6d8EQAAAI8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:10:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:10:37.068376 2025] [security2:error] [pid 14922:tid 14922] [client 104.207.61.164:32853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dogdom.com"] [uri "/.env"] [unique_id "aSUsPYheVxKnnrauP8WGXwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:14:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:14:31.517084 2025] [security2:error] [pid 1647141:tid 1647218] [client 104.207.61.164:19099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tributetomarilyn.com"] [uri "/.svn/wc.db"] [unique_id "aSURB9ffCdpZ5cNrCNdnzQAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:09:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:09:32.634961 2025] [security2:error] [pid 7326:tid 7537] [client 104.207.61.164:21519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.coheteverde.com"] [uri "/.svn/wc.db"] [unique_id "aSUBzNNUaJ5dFUuoaTxtkQAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:54:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:54:10.982077 2025] [security2:error] [pid 11285:tid 11285] [client 104.207.61.164:35503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thecommonsenseeconomist.org"] [uri "/.svn/wc.db"] [unique_id "aST-Mqh8i7tSsxN9x-gWjgAAAHI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:26:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:26:54.134551 2025] [security2:error] [pid 19304:tid 19304] [client 104.207.61.164:60535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.timezonespro.com"] [uri "/.env"] [unique_id "aST3zquNF0gt3tdgT9_KSQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-06 14:12:10 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.165

🇺🇸 208.109.188.137

🇭🇰 172.253.4.29

🇺🇸 162.216.149.120

🇺🇸 153.75.246.180

🇺🇸 148.153.188.254

🇩🇪 141.11.250.239

🇫🇷 89.117.57.182

🇨🇳 42.48.191.113

🇺🇦 31.42.184.158

🇪🇬 197.199.224.52

🇵🇰 175.107.1.212

🇯🇵 160.251.197.41

🇨🇳 111.51.73.54

🇨🇳 101.71.211.192

🇧🇬 79.124.56.138

🇧🇷 45.205.1.241

🇨🇳 42.5.97.254

🇹🇼 198.235.24.39

🇧🇷 191.19.57.223