JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.180

104.207.61.180 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.180

Whois 104.207.61.180

IP Abuse Reports for 104.207.61.180:

This IP address has been reported a total of 141 times from 18 distinct sources. 104.207.61.180 was first reported on June 6th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 webgobe	2026-06-01 01:03:51 (1 week ago)	wew-Joomla User : try to access forms...	Hacking
🇱🇻 garmtech.com	2026-05-10 14:44:10 (1 month ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:/ru/component/users/	Web App Attack
🇫🇷 masterguru	2026-03-27 21:34:37 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.61.180 (CA/Canada/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.61.180 (CA/Canada/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇪🇸 el-brujo	2026-01-09 04:11:01 (5 months ago)	[Fri Jan 09 05:10:58.306105 2026] [proxy_fcgi:error] [pid 2773135:tid 2773457] [remote 104.207.61.18 ... show more [Fri Jan 09 05:10:58.306105 2026] [proxy_fcgi:error] [pid 2773135:tid 2773457] [remote 104.207.61.180:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Fri Jan 09 05:11:00.252063 2026] [proxy_fcgi:error] [pid 2773136:tid 2773661] [remote 104.207.61.180:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
Anonymous	2026-01-05 20:13:06 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2025-12-23 17:03:03 (5 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-12-07 19:33:11 (6 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/7/2025 7:33 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-30 09:30:13 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-29 01:23:32 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 18:59:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 13:59:11.510730 2025] [security2:error] [pid 15579:tid 15579] [client 104.207.61.180:45093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abundancecompany.com"] [uri "/.env"] [unique_id "aSiff_6ojQr5wp15j030CwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2025-11-25 17:57:08 (6 months ago)	2025-11-25 @ 18:57:08 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:04:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:04:24.883412 2025] [security2:error] [pid 15913:tid 15913] [client 104.207.61.180:13231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bhsp.org"] [uri "/.git/HEAD"] [unique_id "aSVG6O5uCvr7Lyte4-seowAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:38:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:38:52.786973 2025] [security2:error] [pid 17410:tid 17410] [client 104.207.61.180:25795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.panesarlaw.com"] [uri "/.env"] [unique_id "aSUWvJuTOP1PZxZbnQtOJgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:32:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:32:16.929382 2025] [security2:error] [pid 4802:tid 4802] [client 104.207.61.180:46427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.furryfriendzy.org"] [uri "/.env"] [unique_id "aSQmILNT_uU82jFrke5_aAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:08.261145 2025] [security2:error] [pid 24046:tid 24046] [client 104.207.61.180:59961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.snickerifabrik.com"] [uri "/.svn/wc.db"] [unique_id "aSPrRFbDAssJ76OcRm7yiQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.27.205.159

🇺🇸 216.180.246.196

🇰🇷 203.252.10.4

🇮🇳 203.192.249.106

🇺🇸 172.253.251.117

🇸🇬 165.154.205.91

🇭🇰 152.32.215.224

🇸🇬 129.226.221.96

🇮🇳 128.185.212.178

🇳🇱 64.188.77.26

🇨🇱 34.176.170.227

🇧🇪 34.76.223.85

🇬🇧 2a00:1450:4009:c0f::128

🇹🇼 198.235.24.99

🇺🇸 162.216.150.156

🇺🇸 162.216.149.111

🇮🇩 139.255.254.163

🇯🇵 124.155.125.131

🇺🇸 64.62.197.93

🇭🇰 43.154.195.142