JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.38

104.207.61.38 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.38

Whois 104.207.61.38

IP Abuse Reports for 104.207.61.38:

This IP address has been reported a total of 146 times from 20 distinct sources. 104.207.61.38 was first reported on June 7th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-06 11:27:11 (4 weeks ago)	URL file extension is restricted by policy. String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ ... show more URL file extension is restricted by policy. String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .rdb/ .resources/ .resx/ .sql/ .swp/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. (920440-135) show less	Hacking
🇵🇱 sefinek.net	2026-02-25 16:31:36 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-01-02 16:14:41 (5 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2026.01.02 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2026.01.02 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2026-01-02 14:55:07 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:13 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇦🇺 oncord	2025-12-28 08:21:25 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-28 00:51:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:51:44.581845 2025] [security2:error] [pid 12035:tid 12035] [client 104.207.61.38:20319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qwik-wash.com"] [uri "/.env"] [unique_id "aVB_IPk5EdbWf-5aeYJXWgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:55:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:54:57.532242 2025] [security2:error] [pid 15171:tid 15171] [client 104.207.61.38:36417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cathrynn.com"] [uri "/.svn/wc.db"] [unique_id "aVBx0bTOCoSairGr0Lk78gAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:01:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:01:48.078530 2025] [security2:error] [pid 6266:tid 6266] [client 104.207.61.38:49849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeffmasonmusic.com"] [uri "/.svn/wc.db"] [unique_id "aVBlXNJ3D9O0wayifgi6qQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:04:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:04:30.960281 2025] [security2:error] [pid 3337:tid 3337] [client 104.207.61.38:14201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dodgersboosterclub.com"] [uri "/.git/HEAD"] [unique_id "aVBJ3vXMLIi9MzfptugT4QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:50:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:50:13.030402 2025] [security2:error] [pid 28991:tid 28991] [client 104.207.61.38:50865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smallbizreorg.com"] [uri "/.env"] [unique_id "aVA4dcMAph0QiLTwTDVJsQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:50:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:50:32.907301 2025] [security2:error] [pid 811:tid 811] [client 104.207.61.38:55099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loneoakhoney.com"] [uri "/.git/HEAD"] [unique_id "aVAcaMQ36-yWHyvRuFIOogAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:12:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:12:44.539595 2025] [security2:error] [pid 6620:tid 6620] [client 104.207.61.38:29667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wholesalelivelobsters.com"] [uri "/.git/HEAD"] [unique_id "aSUsvPGZUHe8B-2OiecuowAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:23:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:23:20.735083 2025] [security2:error] [pid 11682:tid 11682] [client 104.207.61.38:49603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.keeftone.com"] [uri "/.git/HEAD"] [unique_id "aSUhKE7dUWvRM7FtSCe8SgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:35:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:35:19.413214 2025] [security2:error] [pid 7808:tid 7808] [client 104.207.61.38:12831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.billwegener.net"] [uri "/.env"] [unique_id "aSUV54KM-nkuycHNN-kPkAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.18

🇧🇴 181.115.208.189

🇮🇹 172.253.13.156

🇸🇬 165.232.169.124

🇭🇰 152.32.226.205

🇬🇧 51.75.161.33

🇳🇱 195.178.110.30

🇬🇧 194.32.120.52

🇩🇪 165.22.24.255

🇳🇱 160.119.78.78

🇺🇸 157.230.11.241

🇮🇳 128.185.116.114

🇨🇳 106.117.109.123

🇺🇸 76.149.207.185

🇺🇸 52.188.189.7

🇧🇷 46.202.145.215

🇧🇷 45.205.1.240

🇸🇬 43.173.181.54

🇸🇬 43.173.176.71

🇺🇸 31.57.63.117