JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.208

104.207.61.208 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.208

Whois 104.207.61.208

IP Abuse Reports for 104.207.61.208:

This IP address has been reported a total of 146 times from 27 distinct sources. 104.207.61.208 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-05-21 02:24:33 (2 weeks ago)	(From [email protected]) Hi there, Not sure who on your team handles Google Ads — could you ... show more (From [email protected]) Hi there, Not sure who on your team handles Google Ads — could you point me to the right person? My name is Ivan. I specialize in Google Ads and Google Ad Grants (and I share paid-ad strategies on YouTube). I visited your website: ultrahealthchiropractic.com and we are seeing that you guys are currently running Google Ads or have tried in the past. If you guys want, we could help you save a lot of money for a lifetime on the Google Ad Grants account that has a $10K/month free ad spend credit (provided and paid by Google Ads each month), meaning that you don't have to spend a dime each month to get free quality leads and sales. With our expertise on Google Ads, we can also help you set up successful ad campaigns, manage and optimize them to get you more customers/clients. If you have any questions private email me at: [email protected] If you’re not the right contact, please forward this or let me know who I should contact. Thanks for your time — show less	Phishing Web Spam
🇳🇱 MatStef132	2026-05-19 20:59:02 (2 weeks ago)	MatShield L7: blocked on dstat.selify.io (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-19 20:55:42 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-14 21:32:36 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 oncord	2026-05-05 04:46:41 (1 month ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-15 11:32:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:32:40.739163 2026] [security2:error] [pid 29585:tid 29585] [client 104.207.61.208:38737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozkanturker.com"] [uri "/new/.git/config"] [unique_id "aZGu2LPJ3RdmjZd_qsEP2AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 11:24:22 (3 months ago)	104.207.61.208 - - [15/Feb/2026:11:24:00 +0000] "GET /admin/.git/config HTTP/1.1" 403 2429 "-" "Mozi ... show more 104.207.61.208 - - [15/Feb/2026:11:24:00 +0000] "GET /admin/.git/config HTTP/1.1" 403 2429 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:55:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:54:53.374081 2026] [security2:error] [pid 24054:tid 24054] [client 104.207.61.208:26077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seebeexee.com"] [uri "/test/.git/config"] [unique_id "aZGl_WhUkAkz_yNrRe_UgAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:09:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:09:22.198485 2026] [security2:error] [pid 30989:tid 30989] [client 104.207.61.208:19317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ptfea.org"] [uri "/.env"] [unique_id "aZFxIrm_VQ2ntDpX_lIP7QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 06:53:40 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:40:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:40:14.602687 2026] [security2:error] [pid 4824:tid 4824] [client 104.207.61.208:51501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scsurfside.net"] [uri "/backup/.git/config"] [unique_id "aZFqTmmRtYoXLEbVKBSnbQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:07:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:07:26.581881 2026] [security2:error] [pid 30198:tid 30198] [client 104.207.61.208:56635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schoolrx.org"] [uri "/.env.staging"] [unique_id "aZFinryLTvXz_p5vbyz_JQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-02-15 05:51:00 (3 months ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:49:52 (3 months ago)	Try to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:48:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:48:06.702760 2026] [security2:error] [pid 13400:tid 13400] [client 104.207.61.208:64311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prodivediving.com"] [uri "/site/.git/config"] [unique_id "aZFeFuc6yJ69BrFyzBkZLgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.21.182.228

🇭🇰 199.45.154.131

🇩🇪 185.242.3.226

🇺🇸 147.185.132.72

🇩🇪 134.209.245.22

🇮🇩 125.167.21.223

🇻🇳 116.110.14.186

🇳🇱 83.168.106.26

🇮🇳 68.233.116.124

🇧🇪 34.38.172.226

🇨🇳 14.103.127.2

🇺🇸 2604:a880:400:d1:0:4:8c0d:d001

🇺🇸 2001:470:1:fb5::1f2

🇳🇱 213.177.179.135

🇺🇸 207.90.244.17

🇧🇷 205.210.31.131

🇺🇸 205.210.31.99

🇧🇷 200.223.232.26

🇮🇳 182.95.52.170

🇲🇽 177.241.171.123