JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.41

104.207.61.41 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.41

Whois 104.207.61.41

IP Abuse Reports for 104.207.61.41:

This IP address has been reported a total of 141 times from 25 distinct sources. 104.207.61.41 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-19 03:28:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:28:30.768223 2026] [security2:error] [pid 8410:tid 8410] [client 104.207.61.41:55555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/v2/.git/config"] [unique_id "aZaDXm_urG7Kiy83FgJ53AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 21:00:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 16:00:38.983247 2026] [security2:error] [pid 4571:tid 4571] [client 104.207.61.41:60189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tt-w.com"] [uri "/v2/.git/config"] [unique_id "aZYodnYmBvtWljwGTEBMLQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-02-18 17:20:26 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇦 URAN Publishing Service	2026-02-18 12:05:21 (3 months ago)	104.207.61.41 - - [18/Feb/2026:14:05:20 +0200] "GET /.env HTTP/1.1" 404 2904 "-" "Mozilla/5.0 (Windo ... show more 104.207.61.41 - - [18/Feb/2026:14:05:20 +0200] "GET /.env HTTP/1.1" 404 2904 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 104.207.61.41 - - [18/Feb/2026:14:05:21 +0200] "GET /api/.env HTTP/1.1" 404 404 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:04:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:04:39.282776 2026] [security2:error] [pid 1186433:tid 1186433] [client 104.207.61.41:9895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watermarks.info"] [uri "/.env.local"] [unique_id "aZWq14TUBU9azhpaUnHI1wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:21.091001 2026] [security2:error] [pid 23131:tid 23131] [client 104.207.61.41:58965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterjhoodco.com"] [uri "/test/.git/config"] [unique_id "aZWmjZ1SQ7tHxzy5-R_1RwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:10:50 (3 months ago)	Blocking for trying to access an exploit file: /.env.local	Hacking
🇺🇸 TPI-Abuse	2026-02-09 21:33:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:33:42.401599 2026] [security2:error] [pid 18015:tid 18015] [client 104.207.61.41:17537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gardnercastle.com"] [uri "/test/.git/config"] [unique_id "aYpStoV2f32uefxpDJxxYAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:57:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:57:43.283601 2026] [security2:error] [pid 20110:tid 20110] [client 104.207.61.41:50407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gandmaquatics.com"] [uri "/.env.staging"] [unique_id "aYpKR2JwIIWD10wp09TQNwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:40:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:40:37.225546 2026] [security2:error] [pid 7531:tid 7531] [client 104.207.61.41:63337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamerah.net"] [uri "/.env.staging"] [unique_id "aYpGRZT9v79hdn90FllcBwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 18:54:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 13:54:46.691690 2026] [security2:error] [pid 19158:tid 19158] [client 104.207.61.41:29883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fydelity.net"] [uri "/app/.env"] [unique_id "aYotdhpLF9HN8Uwq7bLe6gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-02-09 01:58:17 (3 months ago)	GET /admin/.git/config HTTP/1.1	Web App Attack
🇮🇹 VHosting	2026-01-20 11:30:11 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-01-03 13:41:38 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:07 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.226.232.42

🇰🇷 221.144.91.155

🇨🇳 106.75.189.53

🇲🇩 217.156.64.228

🇺🇸 208.84.100.71

🇺🇸 206.189.180.100

🇹🇼 198.235.24.106

🇦🇪 176.205.69.152

🇹🇭 147.50.103.212

🇬🇧 109.75.164.236

🇺🇸 107.172.204.15

🇨🇳 106.117.105.40

🇵🇰 103.134.2.20

🇺🇸 66.132.186.242

🇺🇸 45.8.19.194

🇺🇸 20.65.193.108

🇦🇹 213.225.38.154

🇨🇳 203.189.196.168

🇮🇩 202.10.41.249

🇺🇸 199.48.128.86