JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.253

104.207.61.253 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.253

Whois 104.207.61.253

IP Abuse Reports for 104.207.61.253:

This IP address has been reported a total of 129 times from 14 distinct sources. 104.207.61.253 was first reported on July 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-13 08:25:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:25:05.210625 2026] [security2:error] [pid 12171:tid 12171] [client 104.207.61.253:53683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lacycustombuilt.com"] [uri "/backup/.git/config"] [unique_id "aY7f4fbAKDCp7dSqkssSbQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:40:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:40:10.905400 2026] [security2:error] [pid 9774:tid 9827] [client 104.207.61.253:64179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiwimagic.net"] [uri "/admin/.env"] [unique_id "aY6rKhaMNGeSYpngqzzl3AAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 02:06:32 (4 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-13 01:52:41 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-13 01:41:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:41:17.372264 2026] [security2:error] [pid 17854:tid 17854] [client 104.207.61.253:58843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alezius.com"] [uri "/.git/config"] [unique_id "aY6BPSKMD2fjWbWD2oZLWgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:39:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:39:12.056725 2026] [security2:error] [pid 30293:tid 30293] [client 104.207.61.253:48323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bisbyphotography.com"] [uri "/.env"] [unique_id "aY4QQLYwL5HWE_zz92l_rgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:38:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:38:00.816083 2026] [security2:error] [pid 2786:tid 2786] [client 104.207.61.253:41429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atame.com"] [uri "/.env"] [unique_id "aY4B6MqYQV6d79S0XhTzwgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-02-12 16:22:21 (4 months ago)	/.env	Hacking Web App Attack
Anonymous	2026-02-12 09:45:31 (4 months ago)	"GET /config/.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 05:58:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 00:57:58.976995 2026] [security2:error] [pid 13598:tid 13598] [client 104.207.61.253:30533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cortona.ws"] [uri "/frontend/.env"] [unique_id "aYwaZlaIuQSrVg_chEMLBAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 01:37:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 20:37:22.290317 2026] [security2:error] [pid 3234540:tid 3234540] [client 104.207.61.253:50355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cor-ex.com"] [uri "/.env.production"] [unique_id "aYvdUiFxtJSQtMM7USooewAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 17:57:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:56:57.754013 2026] [security2:error] [pid 13058:tid 13058] [client 104.207.61.253:9555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "constructionloansfunding.com"] [uri "/admin/.env"] [unique_id "aYtxaXHkXLal0rtRpYFuJAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:08:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:08:35.855766 2026] [security2:error] [pid 27963:tid 27963] [client 104.207.61.253:62027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "connectigramme.com"] [uri "/.env"] [unique_id "aYtJ8x7U4gqmFc5q2otJpwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:14:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:14:01.227565 2026] [security2:error] [pid 19929:tid 20003] [client 104.207.61.253:43511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gfx-technology.com"] [uri "/config/.env"] [unique_id "aYrMqVn6EEqOJQgSnk0RlwAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:03:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:03:19.342286 2026] [security2:error] [pid 23754:tid 23754] [client 104.207.61.253:58251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "getlawforms.com"] [uri "/v2/.git/config"] [unique_id "aYq8F5A4NSuIOO2VbuOvXgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a09:bac1:76c0:1048::16b:135

🇨🇱 191.116.172.71

🇺🇸 172.110.223.207

🇺🇸 136.144.35.224

🇨🇳 112.27.129.78

🇺🇸 104.243.35.104

🇱🇹 81.30.98.158

🇸🇳 41.82.200.194

🇰🇷 222.108.100.117

🇳🇱 195.178.110.26

🇮🇶 185.240.17.98

🇨🇴 181.59.3.62

🇬🇧 167.99.199.1

🇰🇷 118.193.69.67

🇻🇳 113.182.27.101

🇻🇳 113.176.100.161

🇺🇸 73.57.39.120

🇷🇴 2.57.122.238

🇳🇱 217.60.195.26

🇫🇷 185.210.204.98