JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.114

104.207.61.114 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.114

Whois 104.207.61.114

IP Abuse Reports for 104.207.61.114:

This IP address has been reported a total of 148 times from 24 distinct sources. 104.207.61.114 was first reported on June 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-01 06:40:05 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 COMAITE	2026-05-26 14:13:07 (3 weeks ago)	Suspicious URL access.	Web App Attack
🇮🇹 mgarofano80	2026-05-25 18:14:45 (3 weeks ago)		Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-09 04:05:51 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇱🇻 garmtech.com	2026-03-28 10:24:52 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇩🇪 big-cloud.nl	2026-02-19 05:41:35 (4 months ago)	Try to access /backend/.env	Web App Attack
🇨🇭 backslash	2026-02-19 02:40:02 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 dynamix	2026-02-18 21:17:00 (4 months ago)	Multiple WAF Violations	Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
Anonymous	2025-12-21 19:18:47 (5 months ago)	Attempted brute force login to web vpn 162 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 162 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:33:24 (6 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-07 15:15:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:15:42.359002 2025] [security2:error] [pid 648:tid 648] [client 104.207.61.114:53939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swcbsa.org"] [uri "/.env"] [unique_id "aTWaHpM3MbQeJ81U894cXQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 21:22:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 16:22:48.436167 2025] [security2:error] [pid 31862:tid 31862] [client 104.207.61.114:27587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnaird.enterprises"] [uri "/.git/HEAD"] [unique_id "aTNNKAQDJHOtl10Zp9iAsQAAAD0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:14:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:14:08.055159 2025] [security2:error] [pid 31046:tid 31046] [client 104.207.61.114:34581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackpotclubcasinos.com"] [uri "/.svn/wc.db"] [unique_id "aTKGQHIEX5GJf_a-DGo-RwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.102

🇺🇸 198.29.50.58

🇨🇦 174.94.236.211

🇺🇸 144.31.35.246

🇲🇽 132.247.181.172

🇺🇸 107.150.101.57

🇺🇸 192.236.244.137

🇧🇷 129.121.54.208

🇵🇰 103.188.92.230

🇮🇹 93.92.75.146

🇷🇴 80.94.92.186

🇫🇷 51.159.149.103

🇨🇦 209.202.214.113

🇺🇸 147.185.132.199

🇸🇬 118.194.234.189

🇹🇷 88.241.72.40

🇸🇬 52.187.9.8

🇺🇸 34.82.182.218

🇺🇸 13.57.19.101

🇺🇸 192.169.201.223