JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.78

104.207.61.78 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.78

Whois 104.207.61.78

IP Abuse Reports for 104.207.61.78:

This IP address has been reported a total of 125 times from 17 distinct sources. 104.207.61.78 was first reported on June 19th 2024, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 raph	2026-06-06 13:55:00 (5 hours ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇩🇪 wlt-blocker	2026-05-28 06:27:43 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇫🇷 Eldeberen	2026-02-13 12:47:51 (3 months ago)	Vulnerability scan attempt through HTTP protocol	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:44:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:44:12.750937 2026] [security2:error] [pid 18565:tid 18565] [client 104.207.61.78:9667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marisa-mcphee.com"] [uri "/.env.save"] [unique_id "aY6eDG75w0OvE_0XsQvxqQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:57:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:56:58.766136 2026] [security2:error] [pid 24674:tid 24674] [client 104.207.61.78:28259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "major33.com"] [uri "/.env.production"] [unique_id "aY6E6n4PeOAvBnpuk0dBOwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 oh.mg	2026-02-13 01:07:57 (3 months ago)	[Fri Feb 13 02:07:56.810115 2026] [security2:error] [pid 2938715:tid 2938734] [client 104.207.61.78: ... show more [Fri Feb 13 02:07:56.810115 2026] [security2:error] [pid 2938715:tid 2938734] [client 104.207.61.78:52703] [client 104.207.61.78] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "madsquirrels.net"] [uri "/site/.git/config"] [unique_id "aY55bCV8TSpPqJIzQiM-CAAAABE"] [Fri Feb 13 02:07:57.017588 2026] [security2:error] [pid 2938715:tid 2938725] [client 104.207.61.78:52703] [client 104.207.61.78] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:32:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:31:58.730205 2026] [security2:error] [pid 1064810:tid 1064870] [client 104.207.61.78:38397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwcwelding.com"] [uri "/.git/config"] [unique_id "aY4AfpmBkH5dhoNqV1gMKAAAAgE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 03:56:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 22:56:38.303583 2026] [security2:error] [pid 28879:tid 28879] [client 104.207.61.78:19065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gayarab.com"] [uri "/.env.staging"] [unique_id "aY1PdoUkR4Ou49PlXtF-dQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-11 23:11:38 (3 months ago)	Blocking for trying to access an exploit file: /.env.save	Hacking
🇩🇪 Bedios GmbH	2025-12-29 21:13:02 (5 months ago)	Wordpress hacking attempt	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:06 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 02:34:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:34:30.471599 2025] [security2:error] [pid 13474:tid 13474] [client 104.207.61.78:29195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.taniagedik.com"] [uri "/.env"] [unique_id "aSUVtpJyvmuNSklrpfaqnAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:18:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:18:42.286631 2025] [security2:error] [pid 29414:tid 29414] [client 104.207.61.78:56469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.daveslawncare.com"] [uri "/.svn/wc.db"] [unique_id "aSUSAqngbHnoyt3PVHYjRgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 10:12:03 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 19:24:59 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.91

🇫🇷 91.231.89.74

🇯🇵 8.216.90.10

🇳🇬 165.154.10.201

🇩🇰 158.173.74.223

🇫🇷 85.217.140.23

🇩🇪 82.25.102.20

🇸🇬 45.78.207.244

🇬🇧 31.171.130.27

🇺🇸 20.168.121.141

🇭🇰 152.32.226.205

🇱🇹 141.98.10.120

🇮🇩 103.193.176.131

🇺🇸 96.78.175.41

🇺🇸 74.125.179.19

🇳🇱 45.142.193.35

🇮🇩 203.175.125.130

🇺🇸 172.202.117.125

🇫🇷 95.111.230.59

🇳🇱 77.83.39.197