JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.84

104.207.61.84 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.84

Whois 104.207.61.84

IP Abuse Reports for 104.207.61.84:

This IP address has been reported a total of 142 times from 17 distinct sources. 104.207.61.84 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-11 01:01:04 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.61.84 2026-05-10 21 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.61.84 2026-05-10 21:48:51 /console/login/LoginForm.jsp 2026-05-10 21:48:58 /management/tenant-monitoring/servers 2026-05-10 21:48:53 /weblogic/ready 2026-05-10 21:49:01 /config/config.xml 2026-05-10 21:49:02 /wls-wsat/CoordinatorPortType show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-07 11:14:09 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 pm33	2026-02-13 12:53:29 (4 months ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:43:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:43:26.143162 2026] [security2:error] [pid 9825:tid 9825] [client 104.207.61.84:37301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microscopedia.com"] [uri "/.env"] [unique_id "aY8cbs6IdBMW7odn4xc_xgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:01:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:01:24.867623 2026] [security2:error] [pid 19638:tid 19638] [client 104.207.61.84:59379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meltonspace.com"] [uri "/test/.git/config"] [unique_id "aY7aVMQuv7rF_p7emmSdGAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:44:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:43:57.800717 2026] [security2:error] [pid 8128:tid 8128] [client 104.207.61.84:14441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medcoarabia.com"] [uri "/config/.env"] [unique_id "aY7ILS8JZTNlKEwYa6kzDAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:21:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:21:28.358311 2026] [security2:error] [pid 26753:tid 26753] [client 104.207.61.84:59667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcthorpe.com"] [uri "/.env"] [unique_id "aY7C6JvEFN-sTdcxE58YtAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:29:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:29:23.676716 2026] [security2:error] [pid 1366518:tid 1366518] [client 104.207.61.84:62987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mauriene.com"] [uri "/.env.staging"] [unique_id "aY62s_XEEsqD1oQAMsl87wAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:59:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:59:00.999212 2026] [security2:error] [pid 1957274:tid 1957310] [client 104.207.61.84:42165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masterscertification.com"] [uri "/site/.git/config"] [unique_id "aY6vlDfMF1PpzQkxSxqyVQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 03:48:34 (4 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-13 03:37:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:37:46.966996 2026] [security2:error] [pid 20134:tid 20134] [client 104.207.61.84:50561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marilynmonroebookstore.com"] [uri "/.env.local"] [unique_id "aY6cijgZOcg22RC7UBRGlwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:12:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:12:26.546632 2026] [security2:error] [pid 11925:tid 11925] [client 104.207.61.84:63081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marat.info"] [uri "/dev/.git/config"] [unique_id "aY6WmmBW0WURkdO1MPLxXAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2026-02-13 02:02:40 (4 months ago)	SS1: Web Attack GET /admin/.git/config	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:25:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:25:22.613285 2026] [security2:error] [pid 5028:tid 5028] [client 104.207.61.84:43639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/admin/.git/config"] [unique_id "aY59gjk0Zne8hxDq-dmppwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 00:55:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:55:21.924215 2026] [security2:error] [pid 886:tid 886] [client 104.207.61.84:23813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madandproud.com"] [uri "/frontend/.env"] [unique_id "aY52eVpe5OIh2PrgHfGHFAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 118.145.104.37

🇵🇰 103.103.42.203

🇪🇬 102.191.239.143

🇨🇳 58.47.122.143

🇧🇪 34.53.175.198

🇻🇳 14.225.23.94

🇳🇱 2a09:bac2:4d99:26fa::3e2:c

🇺🇸 2607:f8b0:400e:c17::128

🇹🇼 198.235.24.77

🇧🇷 177.87.32.147

🇧🇦 109.163.173.213

🇦🇴 105.174.54.46

🇭🇰 103.226.124.223

🇺🇸 69.63.184.32

🇺🇸 52.173.109.189

🇺🇦 37.221.153.59

🇳🇱 213.152.161.54

🇺🇸 198.98.56.227

🇩🇪 185.242.3.226

🇲🇴 182.93.50.226