JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.166

104.207.60.166 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.166

Whois 104.207.60.166

IP Abuse Reports for 104.207.60.166:

This IP address has been reported a total of 140 times from 24 distinct sources. 104.207.60.166 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-04-27 15:47:51 (1 month ago)	Brute force	Brute-Force
🇳🇱 ParaBug	2026-04-27 13:39:59 (1 month ago)	104.207.60.166 - - [27/Apr/2026:15:39:58 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTT ... show more 104.207.60.166 - - [27/Apr/2026:15:39:58 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
Anonymous	2026-04-20 20:59:23 (1 month ago)	"GET http://voyager.bstnet.org/.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇫🇷 COMAITE	2026-04-15 13:27:52 (1 month ago)	CMS (WordPress or Joomla) brute force attempt.	Web App Attack
🇫🇷 dynamix	2026-04-14 19:10:57 (1 month ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇫🇷 dynamix	2026-04-14 18:55:53 (1 month ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-06 20:12:35 (5 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2026-01-05 20:34:29 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-30 20:33:31 (5 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
Anonymous	2025-12-30 13:20:58 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇨🇭 blinx	2025-12-30 04:18:30 (5 months ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:27:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:27:41.085910 2025] [security2:error] [pid 2980:tid 3001] [client 104.207.60.166:26203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mjkotob.com"] [uri "/.env"] [unique_id "aVIRTRVtsv2QY781bBrWlAAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:14:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:14:12.483836 2025] [security2:error] [pid 2399:tid 2399] [client 104.207.60.166:29905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haroturkiye.com"] [uri "/.svn/wc.db"] [unique_id "aVIAFFSovkqGZuVORssceQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-14 11:32:36 (5 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-12-12 17:07:38 (5 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.118

🇭🇰 199.45.154.115

🇮🇷 185.83.88.248

🇳🇱 176.65.149.30

🇺🇸 47.251.252.169

🇺🇸 34.162.100.166

🇬🇧 195.140.214.28

🇬🇧 194.50.235.147

🇨🇳 180.112.81.188

🇧🇷 179.48.4.14

🇳🇱 176.65.139.56

🇱🇾 160.19.103.218

🇺🇸 150.107.38.225

🇨🇭 85.5.148.125

🇺🇸 50.16.68.7

🇲🇾 49.124.151.85

🇺🇸 2607:f8b0:4001:c32::12e

🇺🇸 2604:a880:400:d1:0:4:8c0c:1

🇹🇷 176.91.181.25

🇸🇪 138.124.71.25