JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.172

104.207.60.172 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.172

Whois 104.207.60.172

IP Abuse Reports for 104.207.60.172:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.60.172 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-03 18:23:48 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇮🇹 [email protected]	2026-04-18 00:37:39 (1 month ago)	[Sat Apr 18 02:37:39.517433 2026] [authz_core:error] [pid 560720:tid 560797] [remote 104.207.60.172: ... show more [Sat Apr 18 02:37:39.517433 2026] [authz_core:error] [pid 560720:tid 560797] [remote 104.207.60.172:37797] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 12:51:10 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:28:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:28:12.099439 2026] [security2:error] [pid 2852:tid 2852] [client 104.207.60.172:45145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhoscountingband.com"] [uri "/app/.env"] [unique_id "aZGtzP-TX25aZs7JtDyWmQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:52:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:52:07.627366 2026] [security2:error] [pid 8453:tid 8453] [client 104.207.60.172:22655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suedblick.com"] [uri "/config/.env"] [unique_id "aZFQ9x_NfqIureFnFYI0egAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:45:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:45:35.362227 2026] [security2:error] [pid 11858:tid 11858] [client 104.207.60.172:50439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stepiz62.com"] [uri "/backup/.git/config"] [unique_id "aZFBX3Xt3N--xWRD1JoUVQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-02-15 02:32:31 (3 months ago)	Web attack from 104.207.60.172	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:31:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:31:41.535884 2026] [security2:error] [pid 23287:tid 23340] [client 104.207.60.172:32313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritualchristian.com"] [uri "/.env.staging"] [unique_id "aZEwDY6jtjP5LgwlR2nPfQAAAdM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:31:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:31:12.686842 2026] [security2:error] [pid 26410:tid 26410] [client 104.207.60.172:34097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lozzy.net"] [uri "/.env.local"] [unique_id "aZET0C37InWavWA71YC5IQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 23:06:23 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:48:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:48:50.276331 2026] [security2:error] [pid 29885:tid 29885] [client 104.207.60.172:40003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "line2.biz"] [uri "/new/.git/config"] [unique_id "aZD70iyNxN8qE_AdgqZOmAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:43:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:43:16.010254 2026] [security2:error] [pid 18518:tid 18518] [client 104.207.60.172:24329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leobynum.com"] [uri "/.env.staging"] [unique_id "aZDsdLA6urjgD0WUT9AP2AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:24:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:24:15.702641 2026] [security2:error] [pid 7244:tid 7244] [client 104.207.60.172:41943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leeu100.com"] [uri "/.env.staging"] [unique_id "aZDn_8pZeBT4Mh9xgjZrnQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:38:21 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-25 07:23:27 (6 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a04:c604:409:90:9999::198

🇻🇪 201.249.192.30

🇦🇷 186.148.224.183

🇷🇺 145.255.1.144

🇺🇸 136.119.94.85

🇨🇳 123.160.173.28

🇮🇪 86.45.119.90

🇺🇸 47.42.131.93

🇳🇱 45.153.34.186

🇳🇱 45.148.10.152

🇰🇿 45.66.52.41

🇮🇩 36.95.194.52

🇨🇦 15.156.110.125

🇰🇿 212.154.234.9

🇬🇧 159.65.18.197

🇺🇸 151.202.96.89

🇩🇪 128.1.123.131

🇵🇭 124.83.109.41

🇮🇳 122.187.39.178

🇧🇷 45.231.98.174