JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 163.61.91.104

163.61.91.104 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudex Pakistan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS153587
Domain Name	cloudex.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 163.61.91.104

Whois 163.61.91.104

IP Abuse Reports for 163.61.91.104:

This IP address has been reported a total of 137 times from 116 distinct sources. 163.61.91.104 was first reported on May 27th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Elysium Security	2026-06-25 20:20:34 (18 hours ago)	Mass port scanning on a whole network	Port Scan
🇫🇷 geot	2026-06-25 12:14:53 (1 day ago)	POST / HTTP/1.1 GET /.env HTTP/1.1	Port Scan Hacking Web App Attack
🇮🇪 AutosOnShow	2026-06-25 12:04:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-25 12:03:17.111 \|	Web App Attack
🇺🇸 conrad10781	2026-06-25 12:01:44 (1 day ago)	nginx-direct-ip	Port Scan
🇵🇱 mkey	2026-06-25 06:16:07 (1 day ago)	[First: 2026-06-24 18:05:20/single] HITS=1 Sensitive file probing; sample=GET /.env 403	Port Scan Hacking Web App Attack
🇺🇸 cwytech	2026-06-24 21:11:32 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-24 20:21:45 (1 day ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇦🇱 router.al	2026-06-24 19:20:22 (1 day ago)	06/24/2026-19:20:22.233152 163.61.91.104 Protocol: 6 ET SCAN Laravel Debug Mode Information Disclosu ... show more 06/24/2026-19:20:22.233152 163.61.91.104 Protocol: 6 ET SCAN Laravel Debug Mode Information Disclosure Probe Inbound show less	Port Scan
🇫🇷 Dechavanne	2026-06-24 19:00:08 (1 day ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇮🇹 www.tana.it	2026-06-24 17:43:21 (1 day ago)	PHP scan	Web App Attack
🇦🇹 Starburst SysOp Team	2026-06-24 16:24:58 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-vie6-1)	Hacking Bad Web Bot
🇳🇱 BlueWire Hosting	2026-06-24 15:55:17 (1 day ago)	Probing websites for vulnerabilities	Web App Attack
🇮🇹 Inartis	2026-06-24 15:39:43 (1 day ago)	163.61.91.104 - - [24/Jun/2026:17:39:42 +0200] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; L ... show more 163.61.91.104 - - [24/Jun/2026:17:39:42 +0200] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Donovan	2026-06-24 15:32:59 (1 day ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)	Web App Attack
🇩🇪 kkeyser	2026-06-24 13:51:31 (2 days ago)	GET /.env HTTP/1.1	Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.198.62.180

🇩🇪 167.94.145.20

🇮🇳 202.53.94.246

🇲🇽 187.191.48.4

🇭🇰 152.32.135.151

🇳🇱 91.92.40.217

🇺🇸 83.142.53.110

🇳🇱 45.198.224.188

🇷🇺 176.210.100.170

🇺🇸 135.237.126.149

🇻🇳 103.70.116.30

🇺🇸 66.132.172.251

🇲🇾 47.250.117.176

🇳🇱 20.23.229.100

🇰🇷 222.108.100.117

🇨🇳 218.17.217.141

🇺🇸 207.90.244.26

🇨🇳 183.7.133.150

🇩🇪 167.94.146.67

🇫🇮 135.181.12.186