JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 108.61.189.136

108.61.189.136 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 12%: ?

12%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Vultr Holdings, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	108.61.189.136.vultrusercontent.com
Domain Name	vultr.com
Country	🇳🇱 Netherlands
City	Haarlem, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 108.61.189.136

Whois 108.61.189.136

IP Abuse Reports for 108.61.189.136:

This IP address has been reported a total of 46 times from 26 distinct sources. 108.61.189.136 was first reported on June 1st 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-06 01:01:18 (1 month ago)	2026-05-05 19:00:05,873 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 2026-05- ... show more 2026-05-05 19:00:05,873 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 2026-05-05 22:00:03,124 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 2026-05-06 00:00:09,503 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 2026-05-06 02:00:18,724 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 2026-05-06 04:01:17,495 fail2ban.actions [3625835]: NOTICE [tor] Ban 108.61.189.136 show less	Brute-Force
🇬🇧 AvonleaConsulting	2026-04-30 22:59:38 (1 month ago)	Attempts to probe web pages for vulnerable PHP or other applications	Web App Attack
🇬🇧 AvonleaConsulting	2026-04-30 12:21:53 (1 month ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
Anonymous	2026-04-24 21:00:26 (1 month ago)	2026-04-24 12:00:05,210 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 2026-04-24 ... show more 2026-04-24 12:00:05,210 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 2026-04-24 15:00:05,145 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 2026-04-24 18:00:05,061 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 2026-04-24 21:00:16,000 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 2026-04-25 00:00:19,538 fail2ban.actions [7718]: NOTICE [tor] Ban 108.61.189.136 show less	Brute-Force
Anonymous	2026-04-23 04:55:07 (1 month ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" show less	Bad Web Bot Web App Attack
Anonymous	2026-03-17 19:00:29 (2 months ago)	2026-03-17 10:00:05,216 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 2026-03- ... show more 2026-03-17 10:00:05,216 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 2026-03-17 13:00:04,824 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 2026-03-17 15:00:20,538 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 2026-03-17 18:00:05,425 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 2026-03-17 21:00:21,923 fail2ban.actions [3511917]: NOTICE [tor] Ban 108.61.189.136 show less	Brute-Force
🇸🇬 dankmemer3920	2026-01-27 04:58:23 (4 months ago)	CrowdSec: import to_import.txt- 56363 ips	Port Scan
🇺🇸 TPI-Abuse	2025-12-22 17:11:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 108.61.189.136 (108.61.189.136.vultrusercontent ... show more (mod_security) mod_security (id:210492) triggered by 108.61.189.136 (108.61.189.136.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 22 12:11:13.951690 2025] [security2:error] [pid 6237:tid 6237] [client 108.61.189.136:36610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.fourminutedecision.com"] [uri "/.git/config"] [unique_id "aUl7sQ7yiQZhZsYulmjYSwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 gu-alvareza	2025-12-05 07:05:16 (6 months ago)	HTTP.URI.Script.XSS	Hacking
🇳🇱 exxos	2025-09-16 11:08:03 (8 months ago)	Attacks with Bad user agents	Hacking
🇨🇭 backslash	2025-09-06 15:35:41 (9 months ago)		DDoS Attack
Anonymous	2025-08-27 20:57:16 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-17 12:43:01 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 Hydra-Shield.fr	2025-08-01 23:23:26 (10 months ago)	Automated DDoS behavior detected targeting production services. Multiple anomalous connections and p ... show more Automated DDoS behavior detected targeting production services. Multiple anomalous connections and packet floods recorded. show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-08-01 14:40:35 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 108.61.189.136 (108.61.189.136.vultrusercontent ... show more (mod_security) mod_security (id:210492) triggered by 108.61.189.136 (108.61.189.136.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 10:40:31.376627 2025] [security2:error] [pid 30597:tid 30597] [client 108.61.189.136:58380] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.treasurechestvideos.maledon.com"] [uri "/.git/config"] [unique_id "aIzR36ReM8J08x5_l83I1QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.240

🇩🇪 155.117.127.214

🇳🇱 91.92.241.87

🇸🇬 47.82.53.94

🇳🇱 45.156.87.216

🇳🇱 176.65.139.112

🇬🇧 151.236.39.195

🇺🇸 45.156.129.167

🇬🇧 217.154.61.249

🇺🇸 147.185.132.96

🇮🇩 103.191.92.72

🇸🇬 103.13.206.100

🇸🇪 74.241.134.117

🇺🇸 70.120.203.193

🇨🇳 61.160.105.66

🇨🇳 60.166.82.129

🇳🇱 45.148.10.157

🇲🇽 186.96.145.241

🇳🇱 185.223.235.36

🇬🇧 51.195.183.66