JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.25

104.207.61.25 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.25

Whois 104.207.61.25

IP Abuse Reports for 104.207.61.25:

This IP address has been reported a total of 95 times from 22 distinct sources. 104.207.61.25 was first reported on June 18th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 SilverZippo	2026-03-04 11:49:51 (3 months ago)	Web App Attack	Web App Attack
🇺🇸 TRoden	2026-02-02 20:59:52 (4 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
🇪🇸 10dencehispahard SL	2026-01-23 07:39:23 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇬🇧 openstrike.co.uk	2025-12-22 08:49:11 (5 months ago)	9 packets to port 2083	Port Scan
Anonymous	2025-12-21 16:14:27 (5 months ago)	Attempted brute force login to web vpn 164 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 164 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 20:49:17 (6 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇪🇸 el-brujo	2025-12-14 06:32:30 (6 months ago)	Cloudflare WAF: Request Path: /login/ Request Query: ?login_only=1&user=psyke1&pass=sarateamo34&goto ... show more Cloudflare WAF: Request Path: /login/ Request Query: ?login_only=1&user=psyke1&pass=sarateamo34&goto_uri=%2F Host: elhacker.net:2083 userAgent: Mozillia/5.0 (68K; rv:8.0) Gecko/20100210 Firefox/8.0 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: CA Method: GET Timestamp: 2025-12-14T06:32:30Z ruleId: 8e361ee4328f4a3caf6caf3e664ed6fe. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇱🇻 garmtech.com	2025-12-10 00:55:49 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2025-12-01 23:17:30 (6 months ago)	Attempted brute force login to web vpn 937 time(s); last attempt for 2025.12.01 is noted in report t ... show more Attempted brute force login to web vpn 937 time(s); last attempt for 2025.12.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-30 23:47:03 (6 months ago)	Attempted brute force login to web vpn 973 time(s); last attempt for 2025.11.30 is noted in report t ... show more Attempted brute force login to web vpn 973 time(s); last attempt for 2025.11.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-27 23:54:22 (6 months ago)	Attempted brute force login to web vpn 2630 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2630 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:56:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:56:39.799292 2025] [security2:error] [pid 8490:tid 8490] [client 104.207.61.25:54665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lakeviewstudiopro.com"] [uri "/.env"] [unique_id "aSU3B9GBBq6RsMNB94AuIgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:19:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:19:47.767456 2025] [security2:error] [pid 9669:tid 9669] [client 104.207.61.25:55517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.scatchellsbeefstand.com"] [uri "/.svn/wc.db"] [unique_id "aSUgUyDwspJD1PqS0mPcfQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:28:05.498607 2025] [security2:error] [pid 9187:tid 9187] [client 104.207.61.25:25715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.brianwhitty.com"] [uri "/.env"] [unique_id "aSUUNbh0PTDNt_Tc1Db8TQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:58:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:58:36.294707 2025] [security2:error] [pid 16519:tid 16519] [client 104.207.61.25:29853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.schonplanet.com"] [uri "/.git/HEAD"] [unique_id "aSUNTPcQlOmGSygwXBgG7QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.116.66

🇮🇷 93.118.99.251

🇱🇹 81.30.98.49

🇱🇹 81.30.98.44

🇳🇱 77.83.39.98

🇵🇱 74.248.112.30

🇰🇷 61.76.112.4

🇸🇬 188.166.215.16

🇮🇪 109.255.157.24

🇫🇷 2001:41d0:33d:9200::40e

🇩🇪 185.249.74.198

🇺🇸 162.216.150.182

🇫🇮 147.185.133.32

🇬🇧 195.96.139.34

🇺🇸 173.255.223.149

🇻🇳 171.244.37.103

🇮🇳 128.185.220.90

🇧🇬 79.124.56.210

🇸🇬 43.134.35.72

🇬🇧 35.203.211.89