JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.96

104.207.61.96 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.96

Whois 104.207.61.96

IP Abuse Reports for 104.207.61.96:

This IP address has been reported a total of 130 times from 17 distinct sources. 104.207.61.96 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-18 21:59:52 (3 weeks ago)	Auto-ban: >3000 req/min op 2026-05-18	Web App Attack SSH Hacking
🇺🇸 nowyouknow	2026-05-16 18:07:57 (3 weeks ago)	(From [email protected]) Customers are starting to expect websites to respond Look at wh ... show more (From [email protected]) Customers are starting to expect websites to respond Look at where this is heading. Someone lands on two competing websites. One responds instantly. Answers questions. Guides decisions. Books appointments. Captures intent. The other gives them menus, pages, and a form to submit. Which business wins? This is where the internet is heading. Soon, people will expect websites to act like intelligent assistants, not passive brochures. Once the standard changes, a normal static website can start to feel behind almost overnight. Not because they are bad businesses. Because customer behavior changed faster than they did. Business websites are turning into conversational AI entry points. That change has already started. See it in action now: https://ollehofficial.com Regards, — Amparo Salamanca The Olleh AI If at any point you no longer want to receive subsequent communications from us, kindly fill the form at bit. ly/fillunsubform wit show less	Phishing Web Spam
🇦🇺 oncord	2026-05-15 21:38:12 (3 weeks ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-05-11 21:21:32 (1 month ago)	(From [email protected]) Soon customers will expect every website to talk The next phase is no ... show more (From [email protected]) Soon customers will expect every website to talk The next phase is not hard to see. A visitor compares two businesses online. One behaves like an intelligent assistant that can respond, recommend, qualify, and move the visitor forward. The other basically says: "Click around and figure it out." Which company gets the customer? This is the direction customer behavior is moving. Soon, people will expect websites to act like intelligent assistants, not passive brochures. Once the standard changes, a normal static website can start to feel behind almost overnight. Not because they are bad businesses. Because the way people interact online changed first. Websites are becoming AI-powered interfaces. That shift is already underway. Check it now: https://ollehofficial.com Many Thanks, — Kali Costa The Olleh AI Whenever you wish to stop getting further notifications from this campaign, feel free to fill the form at bit. ly/fillunsubform wit show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-01-09 04:20:55 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 23:20:52.635560 2026] [security2:error] [pid 28568:tid 28568] [client 104.207.61.96:41757] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.laboquimia.es\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.laboquimia.es"] [uri "/database.sql"] [unique_id "aWCCJN6jUWEj4bR9L0xlOAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-01-04 15:38:02 (5 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇨🇭 backslash	2026-01-02 17:00:14 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇵🇱 sefinek.net	2025-12-10 18:46:50 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 23:06:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:06:11.518627 2025] [security2:error] [pid 20994:tid 20994] [client 104.207.61.96:44013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1cdn.com"] [uri "/.git/HEAD"] [unique_id "aS9w4zDMv6HvQIzsjB6KJQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:50:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:50:34.727401 2025] [security2:error] [pid 30267:tid 30267] [client 104.207.61.96:10101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mystudioinparis.com"] [uri "/.env"] [unique_id "aS5-Kv8VkjoVK8q4uwlV6QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:15:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:42.789322 2025] [security2:error] [pid 27928:tid 27928] [client 104.207.61.96:59335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deindo.com"] [uri "/.env"] [unique_id "aS51_mjUtMPlh0MAqQT0cgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:59:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:59:29.983737 2025] [security2:error] [pid 9019:tid 9019] [client 104.207.61.96:59879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meganmurph.com"] [uri "/.svn/wc.db"] [unique_id "aS5yMUveJnN2sBwIopzKrQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:33:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:33:26.262972 2025] [security2:error] [pid 23130:tid 23130] [client 104.207.61.96:29187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.serranolopezarquitectos.com"] [uri "/.git/HEAD"] [unique_id "aSVNtsu6GPWXznDqgIy7zgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-19 19:18:26 (7 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 18:27:21 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.18 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.185.153

🇳🇱 190.2.135.111

🇭🇰 165.154.60.76

🇧🇷 104.252.20.168

🇮🇷 94.184.177.71

🇩🇪 88.130.213.195

🇮🇪 34.243.207.102

🇺🇸 20.163.15.123

🇰🇷 211.104.137.55

🇧🇷 187.9.247.58

🇳🇱 176.65.139.31

🇻🇳 171.244.39.95

🇮🇩 157.15.40.77

🇮🇩 143.20.49.38

🇨🇳 116.178.155.143

🇮🇳 103.197.112.137

🇷🇺 91.79.227.107

🇩🇪 84.32.10.175

🇩🇪 4.184.246.230

🇳🇱 212.8.249.134