JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.92

104.207.61.92 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.92

Whois 104.207.61.92

IP Abuse Reports for 104.207.61.92:

This IP address has been reported a total of 148 times from 18 distinct sources. 104.207.61.92 was first reported on August 23rd 2022, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-05 20:31:37 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:08 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇭🇷 IgorS.zg.hr	2025-12-27 23:19:44 (5 months ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-27 22:40:11 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 21:05:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:05:14.026564 2025] [security2:error] [pid 4420:tid 4473] [client 104.207.61.92:55873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "siraceservices.com"] [uri "/.svn/wc.db"] [unique_id "aVBKCh_dRAN9LoEXXjlTtgAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-27 19:05:54 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:54:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:54:20.333184 2025] [security2:error] [pid 12753:tid 12753] [client 104.207.61.92:40673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heathdiesel.com"] [uri "/.env"] [unique_id "aVAdTDtOhNgN-qfovprDnwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:38:22 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:38:19.839042 2025] [security2:error] [pid 13743:tid 13743] [client 104.207.61.92:14787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackweddingfavors.com"] [uri "/.git/HEAD"] [unique_id "aVAZi0ZojcZkK_nJYn_p5AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-26 05:19:03 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 03:57:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 22:56:55.702926 2025] [security2:error] [pid 6558:tid 6558] [client 104.207.61.92:12797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dodgersboosterclub.com"] [uri "/.svn/wc.db"] [unique_id "aU4HhzJYl_mlpl_XhCHRTAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:12:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:12:47.314845 2025] [security2:error] [pid 30774:tid 30774] [client 104.207.61.92:15641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fatjesus.com"] [uri "/.env"] [unique_id "aSVW7210wN66Lxc7rpmJOAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-11-25 04:54:31 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.svn/wc.db (Rule ID: 920440) - URL file extension is restricted by policy show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:05:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:05:23.387609 2025] [security2:error] [pid 20031:tid 20031] [client 104.207.61.92:18257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crestrong.com"] [uri "/.env"] [unique_id "aSUO4z50HAJVydy8Ag35CAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:19:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:19:17.117914 2025] [security2:error] [pid 4282:tid 4282] [client 104.207.61.92:39551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thejuniverse.org"] [uri "/.svn/wc.db"] [unique_id "aSPq1Qes7etJtG0ygKsLNAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:04:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:04:22.466761 2025] [security2:error] [pid 20657:tid 20657] [client 104.207.61.92:30543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4md.lol"] [uri "/.env"] [unique_id "aSPZRlSdfTxs0-u3YqsAWQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 13.140.140.94

🇰🇷 222.114.167.159

🇲🇾 195.86.192.66

🇲🇽 186.96.145.241

🇦🇷 179.40.112.10

🇦🇷 170.155.2.13

🇮🇳 167.103.55.33

🇻🇳 125.212.217.143

🇻🇳 113.179.123.0

🇧🇬 79.124.62.230

🇺🇸 66.132.186.178

🇳🇱 45.198.224.23

🇦🇪 5.38.28.125

🇩🇪 209.38.237.48

🇪🇨 186.4.209.61

🇨🇳 180.76.240.16

🇰🇷 175.199.67.164

🇳🇱 172.94.9.65

🇻🇳 118.68.139.189

🇻🇳 116.110.43.157