JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 217.181.81.19

217.181.81.19 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 100%: ?

100%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 217.181.81.19

Whois 217.181.81.19

IP Abuse Reports for 217.181.81.19:

This IP address has been reported a total of 52 times from 35 distinct sources. 217.181.81.19 was first reported on March 9th 2026, and the most recent report was 40 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 07:36:34 (40 minutes ago)	(mod_security) mod_security (id:210492) triggered by 217.181.81.19 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 217.181.81.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:36:28.613529 2026] [security2:error] [pid 7311:tid 7311] [client 217.181.81.19:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.nyemdr.com"] [uri "/.git/config"] [unique_id "ajjl_OanKvZQL6fhoAQIhwAAAAA"], referer: https://www.google.com/search?q=blog.nyemdr.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-22 06:07:28 (2 hours ago)	[redacted] 217.181.81.19 - - [22/Jun/2026:07:07:23 +0100] "HEAD /.git/config HTTP/1.1" 302 6393 0/12 ... show more [redacted] 217.181.81.19 - - [22/Jun/2026:07:07:23 +0100] "HEAD /.git/config HTTP/1.1" 302 6393 0/128045 "https://[redacted]/search?q=[redacted]" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" [redacted] 217.181.81.19 - - [22/Jun/2026:07:07:24 +0100] "HEAD / HTTP/1.1" 200 1138 0/115394 "https://[redacted]/.git/config" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-22 06:05:36 (2 hours ago)	217.181.81.19 - - [22/Jun/2026:02:05:36 -0400] "HEAD /.env.production HTTP/1.1" 404 4973 "-" "Mozill ... show more 217.181.81.19 - - [22/Jun/2026:02:05:36 -0400] "HEAD /.env.production HTTP/1.1" 404 4973 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Brute-Force Web App Attack SSH
🇩🇪 on-com	2026-06-22 04:19:34 (3 hours ago)	URL scan	Brute-Force Web App Attack
🇩🇪 paissangroup	2026-06-22 02:38:06 (5 hours ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Trueforce Threat Report	2026-06-21 23:42:45 (8 hours ago)	Automated report, trolling for resource vulnerabilities	Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-21 22:39:52 (9 hours ago)	[MonJun2200:39:50.3573582026][security2:error][pid961248:tid961251][client217.181.81.19:0]ModSecurit ... show more [MonJun2200:39:50.3573582026][security2:error][pid961248:tid961251][client217.181.81.19:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.torrimonda.ch.136-243-54-122.cpanel.site\"][uri\"/wp-config.php.bak\"][unique_id\"ajhoNhEDcpGPBZq8EgkKNgAAAEA\"]\,referer:https://www.google.com/search\?q=www.torrimonda.ch.136-243-54-122.cpanel.site show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-21 16:59:55 (15 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 16:52:17 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 217.181.81.19 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 217.181.81.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:52:05.290742 2026] [security2:error] [pid 10268:tid 10268] [client 217.181.81.19:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pixacast.com"] [uri "/.git/HEAD"] [unique_id "ajgWtadnSIzR1i8LMQXErQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 Ivo Vynckier	2026-06-21 14:35:00 (17 hours ago)	217.181.81.19 - - [21/Jun/2026:10:25:09 +0200] "HEAD /.env.production HTTP/1.1" 403 0 "https://www.g ... show more 217.181.81.19 - - [21/Jun/2026:10:25:09 +0200] "HEAD /.env.production HTTP/1.1" 403 0 "https://www.google.com/search?q=www.how-ocr-works.com" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot)" 217.181.81.19 - - [21/Jun/2026:10:25:09 +0200] "HEAD /.env.old HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 217.181.81.19 - - [21/Jun/2026:10:25:09 +0200] "HEAD /.vscode/settings.json HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" show less	Web App Attack
🇨🇳 Peter Yu	2026-06-21 12:32:35 (19 hours ago)		Bad Web Bot Web App Attack
🇨🇭 TheCoon	2026-06-21 11:30:01 (20 hours ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇺🇸 kosada.com	2026-06-21 09:46:52 (22 hours ago)	Web vulnerability probing: /secrets.yaml	Web App Attack
🇩🇪 FeG Deutschland	2026-06-21 09:36:35 (22 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇩🇪 strxmpp	2026-06-21 08:39:51 (23 hours ago)	217.181.81.19 - - [21/Jun/2026:10:39:47 +0200] "HEAD /.env.production HTTP/1.1" 404 4301 "https://ww ... show more 217.181.81.19 - - [21/Jun/2026:10:39:47 +0200] "HEAD /.env.production HTTP/1.1" 404 4301 "https://www.google.com/search?q=www.in-hagello.ch" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" ... show less	Bad Web Bot

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 193.24.211.107

🇺🇸 2607:f8b0:4004:1009::127

🇺🇿 185.139.138.182

🇮🇩 163.7.9.84

🇨🇳 106.75.176.119

🇮🇷 85.198.19.239

🇫🇮 74.125.46.155

🇺🇸 4.150.201.26

🇬🇧 212.227.125.15

🇧🇷 205.164.235.15

🇷🇴 141.98.83.48

🇨🇦 109.176.50.243

🇳🇱 103.69.224.38

🇱🇹 81.30.98.44

🇺🇸 43.153.59.240

🇺🇸 37.123.192.41

🇺🇸 35.247.28.64

🇳🇱 193.176.31.242

🇫🇷 146.70.194.220

🇭🇰 123.58.210.86