JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.225

104.207.61.225 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.225

Whois 104.207.61.225

IP Abuse Reports for 104.207.61.225:

This IP address has been reported a total of 140 times from 27 distinct sources. 104.207.61.225 was first reported on June 5th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-02-13 06:01:18 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.61.225 (CA/Canada/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.61.225 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 05:01:07 (4 months ago)	Try to access /.env	Web App Attack
🇪🇸 10dencehispahard SL	2026-02-12 22:00:06 (4 months ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇩🇪 Carsten	2026-02-12 21:04:49 (4 months ago)	GET [.env]	Port Scan
🇳🇱 BlueWire Hosting	2026-02-12 08:06:19 (4 months ago)	Probing websites for vulnerabilities	Web App Attack
🇳🇱 jjnxpct	2026-02-12 04:49:11 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.local (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.local] show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-11 23:00:23 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-11	Hacking Web App Attack SSH
🇺🇸 myagent.site	2026-02-11 08:03:16 (4 months ago)	Blocking for trying to access an exploit file: /app/.env	Hacking
Anonymous	2026-02-10 05:18:09 (4 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:11:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:11:42.269429 2026] [security2:error] [pid 26050:tid 26072] [client 104.207.61.225:58701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gestorialuengo.com"] [uri "/.env.local"] [unique_id "aYqv_q1UgaM_WI2BO8hLFQAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:55:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:55:42.308651 2026] [security2:error] [pid 14757:tid 14757] [client 104.207.61.225:56093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gervais-family.com"] [uri "/config/.env"] [unique_id "aYqsPrc0gY37i0iTLt5HbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:37:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:37:01.743332 2026] [security2:error] [pid 2372:tid 2372] [client 104.207.61.225:9763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geriart.net"] [uri "/frontend/.env"] [unique_id "aYqn3bSQSFSyo1u1dVmRVAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:26:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:26:38.351504 2026] [security2:error] [pid 1773694:tid 1773694] [client 104.207.61.225:40879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gensou.net"] [uri "/.env"] [unique_id "aYqXXlrsmhZhAAb-RlcrUwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 01:43:51 (4 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 TPI-Abuse	2026-02-09 23:54:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:54:17.988543 2026] [security2:error] [pid 23408:tid 23408] [client 104.207.61.225:52399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gdcservices.com"] [uri "/admin/.git/config"] [unique_id "aYpzqSDn4HVGtqrPdKadTQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.36.71

🇺🇸 135.237.126.220

🇨🇳 124.74.101.178

🇮🇳 103.162.217.76

🇺🇸 66.132.186.222

🇱🇹 62.60.130.139

🇨🇦 20.104.205.212

🇷🇴 2.57.122.177

🇺🇸 216.218.206.93

🇩🇪 89.208.103.11

🇺🇸 85.239.239.57

🇷🇺 82.202.141.164

🇺🇸 71.6.158.166

🇹🇭 58.10.58.0

🇩🇪 51.89.39.37

🇨🇳 8.152.171.185

🇧🇪 172.253.248.49

🇫🇮 147.185.133.0

🇺🇸 107.173.100.91

🇺🇸 104.243.35.120