JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.132

104.207.61.132 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.132

Whois 104.207.61.132

IP Abuse Reports for 104.207.61.132:

This IP address has been reported a total of 129 times from 9 distinct sources. 104.207.61.132 was first reported on June 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-25 00:16:39 (1 day ago)	Brute force	Brute-Force
Anonymous	2026-06-09 12:48:08 (2 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-01-05 20:12:04 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 23:38:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:38:39.523079 2025] [security2:error] [pid 6074:tid 6074] [client 104.207.61.132:23601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "architx.com"] [uri "/.env"] [unique_id "aVBt_263vfJxGawPyW2vUAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:13:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:13:10.152065 2025] [security2:error] [pid 4423:tid 4447] [client 104.207.61.132:16993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nepsco.com"] [uri "/.env"] [unique_id "aVBL5tu6wujL4ezQKRa2WAAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:52:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:52:52.730363 2025] [security2:error] [pid 3803:tid 3803] [client 104.207.61.132:17255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackjobsnetwork.com"] [uri "/.env"] [unique_id "aVAO5GHi2Q_bHW2hQ7NGGwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:26:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:26:34.656592 2025] [security2:error] [pid 31198:tid 31198] [client 104.207.61.132:56679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vaerobics.com"] [uri "/.git/HEAD"] [unique_id "aVAIulqrFpae5r4RM5K57AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 03:57:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 22:56:50.524281 2025] [security2:error] [pid 7965:tid 7965] [client 104.207.61.132:59623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.dodgersboosterclub.com"] [uri "/.svn/wc.db"] [unique_id "aU4HgpNXxH5ZjVi3uoJqPwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 13:39:56 (6 months ago)	Attempted brute force login to web vpn 1262 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 1262 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 06:22:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:21:59.389760 2025] [security2:error] [pid 24851:tid 24851] [client 104.207.61.132:17505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.allisonstiles.org"] [uri "/.env"] [unique_id "aSP5h6mIvv-pVvFyPFMPLwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:14:50 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:14:24.440847 2025] [security2:error] [pid 23521:tid 23521] [client 104.207.61.132:56321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gmsdigita.com"] [uri "/.git/HEAD"] [unique_id "aSPpsLpKXSvOgf-yMYfJvgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:39:32 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:39:24.968626 2025] [security2:error] [pid 18193:tid 18267] [client 104.207.61.132:60311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.victorchiarizia.com"] [uri "/.svn/wc.db"] [unique_id "aSPhfJqABul9tZzps9kdhAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:23 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:16.395204 2025] [security2:error] [pid 10036:tid 10036] [client 104.207.61.132:56865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.basse.lahamradio.com"] [uri "/.env"] [unique_id "aSPa5Ba2WS_swQLZTsYjIAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:21:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:21:01.036720 2025] [security2:error] [pid 18740:tid 18740] [client 104.207.61.132:20637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.uphillfarmvt.com"] [uri "/.env"] [unique_id "aSPPHSXIokkbLk9UMFDk9AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 23:37:18 (7 months ago)	Attempted brute force login to web vpn 468 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 468 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 200.82.188.171

🇺🇸 45.61.187.220

🇳🇱 176.65.149.236

🇧🇷 170.84.106.144

🇩🇪 165.227.172.206

🇺🇸 143.198.225.197

🇨🇳 121.229.156.77

🇹🇷 94.55.172.6

🇺🇸 195.184.76.209

🇧🇬 193.24.211.107

🇦🇷 181.104.2.65

🇺🇸 162.216.150.113

🇨🇳 150.255.177.5

🇳🇱 91.92.40.10

🇬🇧 90.247.117.159

🇫🇷 77.237.244.154

🇺🇸 66.132.172.156

🇳🇱 34.178.197.222

🇬🇷 194.154.48.4

🇨🇳 112.86.225.159