JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.101

104.207.60.101 was found in our database!

This IP was reported 122 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.101

Whois 104.207.60.101

IP Abuse Reports for 104.207.60.101:

This IP address has been reported a total of 122 times from 12 distinct sources. 104.207.60.101 was first reported on July 4th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-11 01:47:11 (1 day ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 ipblock.com	2026-05-25 13:53:00 (2 weeks ago)	IPBlock protected site ID [669-fx]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:42 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 06:40:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:40:54.713561 2026] [security2:error] [pid 13791:tid 13791] [client 104.207.60.101:50585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kontikimotorcycles.com"] [uri "/.env.save"] [unique_id "aYrS9sgV6eMDS9EnlEYCiAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:18:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:18:19.205387 2026] [security2:error] [pid 14909:tid 14909] [client 104.207.60.101:54127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iclog.us"] [uri "/admin/.env"] [unique_id "aYqxi7qBaWgbFVEbQKME5gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:52:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:52:43.232856 2026] [security2:error] [pid 2744865:tid 2744865] [client 104.207.60.101:41401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittencream.com"] [uri "/config/.env"] [unique_id "aYqri3cMp4bpwzRnfNh-twAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:04:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:04:29.987221 2026] [security2:error] [pid 5884:tid 5884] [client 104.207.60.101:32425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathleenhazlett.com"] [uri "/new/.git/config"] [unique_id "aYpZ7eCbFHVir3ZLRF7jpQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:03:50 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-28 01:09:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 20:09:45.359677 2025] [security2:error] [pid 5856:tid 5856] [client 104.207.60.101:59651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tupansetc.com"] [uri "/.env"] [unique_id "aVCDWamRoibY9xHx9WFAMwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:29:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:29:43.393149 2025] [security2:error] [pid 16256:tid 16256] [client 104.207.60.101:22715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gepteszt.com"] [uri "/.svn/wc.db"] [unique_id "aVAzpxmEs1G3Yu-P5m5hwQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Thaliruth	2025-12-26 16:32:14 (5 months ago)	104.207.60.101 - - [26/Dec/2025:17:32:12 +0100] "GET /.aws/credentials HTTP/1.1" 404 280 "-" "Mozill ... show more 104.207.60.101 - - [26/Dec/2025:17:32:12 +0100] "GET /.aws/credentials HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" default:80 104.207.60.101 - - [26/Dec/2025:17:32:12 +0100] "GET /.aws/credentials HTTP/1.0" 404 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-12-25 08:20:01 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-20.104.207.60.101.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-20.104.207.60.101.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2025-11-12 10:36:07 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report timestamp show less	Hacking Brute-Force
🇮🇹 Rosh	2025-10-24 02:29:47 (7 months ago)	[10/24/25 04:29:47] SSH: authentication failure	Brute-Force SSH
Anonymous	2025-04-06 23:49:41 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 122 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.161.54

🇧🇷 177.128.224.122

🇷🇴 92.118.39.62

🇬🇪 212.58.102.107

🇺🇸 66.132.186.209

🇰🇷 61.32.68.66

🇨🇳 60.16.207.28

🇭🇰 8.217.192.50

🇨🇳 223.223.199.221

🇩🇪 213.209.159.56

🇰🇷 211.228.218.47

🇩🇪 194.36.25.45

🇺🇸 165.154.206.180

🇳🇱 160.119.69.16

🇨🇳 115.190.81.215

🇻🇳 103.130.213.223

🇻🇳 103.75.182.132

🇩🇪 86.103.34.61

🇷🇴 80.94.92.71

🇶🇦 37.186.40.36