JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.181

104.207.61.181 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.181

Whois 104.207.61.181

IP Abuse Reports for 104.207.61.181:

This IP address has been reported a total of 136 times from 14 distinct sources. 104.207.61.181 was first reported on June 7th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-02-15 12:50:06 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 Origon	2026-02-15 12:28:38 (4 months ago)	http-sensitive-files - IP: 104.207.61.181 - time="2026-02-15T13:28:38+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.61.181 - time="2026-02-15T13:28:38+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.61.181 (CA/200373) : 4h ban on Ip 104.207.61.181" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:58:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:58:21.903114 2026] [security2:error] [pid 1871230:tid 1871230] [client 104.207.61.181:49863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tech-support.biz"] [uri "/.env.production"] [unique_id "aZG03czNnAns2Uq7pR8OhQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:43:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:43:03.483383 2026] [security2:error] [pid 2035:tid 2035] [client 104.207.61.181:59995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thommesen.net"] [uri "/.env.local"] [unique_id "aZGxR9Wl5KyDI2WBbsWZoQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:16:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:16:26.789629 2026] [security2:error] [pid 29448:tid 29448] [client 104.207.61.181:28735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetallships.com"] [uri "/.env"] [unique_id "aZGrCg1OO-1dNQIL--0t4gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:31:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:31:01.992798 2026] [security2:error] [pid 24896:tid 24896] [client 104.207.61.181:28585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taafe.xyz"] [uri "/test/.git/config"] [unique_id "aZFoJfCZ80CWW4Q4wXELcAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:51:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:51:35.081038 2026] [security2:error] [pid 26469:tid 26469] [client 104.207.61.181:42707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steveyett.com"] [uri "/config/.env"] [unique_id "aZFCx9-bizStD7C9v7Dx7AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:11:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:11:49.826915 2026] [security2:error] [pid 26194:tid 26194] [client 104.207.61.181:13259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stananddana.com"] [uri "/.env"] [unique_id "aZE5ddo8MqiY2hu6y1MTCQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:30:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:30:20.491860 2026] [security2:error] [pid 3833:tid 3833] [client 104.207.61.181:61253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiralingmedia.com"] [uri "/admin/.env"] [unique_id "aZEvvOv8RXTMccUflnD4lgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:49:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:49:23.121218 2026] [security2:error] [pid 16553:tid 16553] [client 104.207.61.181:12185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrbaystreet.com"] [uri "/.env.production"] [unique_id "aZEYE8ctLKzVj72GY70grgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 00:28:55 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:24:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:24:42.406161 2026] [security2:error] [pid 16140:tid 16140] [client 104.207.61.181:28555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loveoflearning.com"] [uri "/app/.env"] [unique_id "aZESSiq8sBOZEfLZHMJtWgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:21:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:21:12.502472 2026] [security2:error] [pid 7943:tid 7943] [client 104.207.61.181:20527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livinghopehighschool.org"] [uri "/backend/.env"] [unique_id "aZEDaNjdeaSIuOqHCOi-zQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:54:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:54:30.422143 2026] [security2:error] [pid 8288:tid 8288] [client 104.207.61.181:13909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "linnardfinancial.com"] [uri "/v2/.git/config"] [unique_id "aZD9JgM5i1XJe0wERGEy-wAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:32:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:32:10.056005 2026] [security2:error] [pid 53128:tid 53128] [client 104.207.61.181:12537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightedpath.com"] [uri "/api/.env"] [unique_id "aZD36qAf9JpoYH8JahTPDAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 138.124.99.219

🇻🇳 103.176.24.57

🇳🇱 86.54.31.32

🇺🇸 77.73.14.243

🇺🇸 66.132.186.211

🇨🇦 20.116.27.239

🇺🇸 2001:470:2cc:1:b413:8fb7:c8bb:14dd

🇰🇷 211.216.58.204

🇷🇺 194.154.92.163

🇨🇳 183.66.166.30

🇳🇱 160.119.76.53

🇳🇱 160.119.76.16

🇨🇦 104.207.48.140

🇲🇦 102.97.156.33

🇭🇰 101.36.118.248

🇯🇵 101.36.104.242

🇫🇷 92.103.134.183

🇺🇸 91.132.198.23

🇳🇱 89.21.67.152

🇺🇸 3.236.128.201