JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.109

104.207.60.109 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.109

Whois 104.207.60.109

IP Abuse Reports for 104.207.60.109:

This IP address has been reported a total of 139 times from 20 distinct sources. 104.207.60.109 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-12 05:16:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 00:15:59.076451 2026] [security2:error] [pid 7228:tid 7228] [client 104.207.60.109:43871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artisticaphotography.com"] [uri "/app/.env"] [unique_id "aY1iD5RTseL6msyRQAs8uQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:39:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:39:41.311753 2026] [security2:error] [pid 19674:tid 19674] [client 104.207.60.109:40701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "articulaterecords.com"] [uri "/.git/config"] [unique_id "aY1ZjcWjqx8XDqX8XP2c7QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 21:16:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 16:16:49.237603 2026] [security2:error] [pid 10657:tid 10657] [client 104.207.60.109:38213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "areaware-archive.com"] [uri "/admin/.env"] [unique_id "aYzxwfP13QEscLc3g1nMAgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:19 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:31:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:31:09.262881 2026] [security2:error] [pid 25293:tid 25293] [client 104.207.60.109:60653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestcountryclubs.com"] [uri "/.env.save"] [unique_id "aYtPPThLdXjzSiGpsgexBQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:33:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:33:48.523132 2026] [security2:error] [pid 7556:tid 7556] [client 104.207.60.109:36205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icwcruisersguide.com"] [uri "/.env.production"] [unique_id "aYq1LPTzG_Jjzn3tTP0aKAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:11:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:11:12.001292 2026] [security2:error] [pid 22281:tid 22281] [client 104.207.60.109:35921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnaird.enterprises"] [uri "/.env"] [unique_id "aYqh0HsKnC_k7uQ-HjqsawAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:21:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:20:59.419810 2026] [security2:error] [pid 24174:tid 24174] [client 104.207.60.109:45567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kim-porter.com"] [uri "/dev/.git/config"] [unique_id "aYqWCxKjsMEWs7wI1P0eRgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:12:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:11:42.131790 2026] [security2:error] [pid 31406:tid 31406] [client 104.207.60.109:63373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hppagewideflorida.com"] [uri "/site/.git/config"] [unique_id "aYpprqIM4EUR5mgGUC6jQAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:51 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-09 20:24:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:23:55.084267 2026] [security2:error] [pid 758:tid 758] [client 104.207.60.109:32811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kanata.ws"] [uri "/.env"] [unique_id "aYpCW5CKktDmg_0KmpOaOQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 07:38:56 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇫🇷 tilellit.pro	2026-01-20 01:57:40 (4 months ago)	Fail2Ban banned 104.207.60.109 for security violations in jail wp-armour. Log: 2026/01/20 01:57:40 [ ... show more Fail2Ban banned 104.207.60.109 for security violations in jail wp-armour. Log: 2026/01/20 01:57:40 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.60.109 \| Target: wplogin" , client: 104.207.60.109, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-01-05 20:36:24 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇵🇱 sefinek.net	2025-12-22 21:49:08 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.100.11

🇺🇦 195.60.175.119

🇩🇪 43.228.157.9

🇨🇳 36.137.249.148

🇬🇧 5.226.140.115

🇩🇪 185.249.74.198

🇩🇪 176.65.132.22

🇮🇳 106.222.226.210

🇯🇵 103.125.146.27

🇬🇧 35.203.211.158

🇸🇦 34.166.5.230

🇧🇷 34.151.203.215

🇩🇪 31.70.86.135

🇬🇧 5.226.140.13

🇺🇸 206.189.192.135

🇺🇸 195.184.76.66

🇺🇸 147.185.132.77

🇱🇻 94.30.138.98

🇧🇷 45.177.8.30

🇺🇸 38.213.44.82