JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.22

104.207.60.22 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.22

Whois 104.207.60.22

IP Abuse Reports for 104.207.60.22:

This IP address has been reported a total of 89 times from 19 distinct sources. 104.207.60.22 was first reported on June 11th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-25 10:59:21 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
🇱🇻 garmtech.com	2026-05-21 13:41:20 (2 weeks ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇲🇹 Malta	2026-05-17 15:49:34 (2 weeks ago)	104.207.60.22 - - [17/May/2026:17:49:34 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 104.207.60.22 - - [17/May/2026:17:49:34 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" show less	Hacking Web App Attack VPN IP
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇵🇱 sefinek.net	2026-01-13 12:57:36 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-01-05 20:32:57 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 09:21:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:21:36.100309 2025] [security2:error] [pid 27122:tid 27122] [client 104.207.60.22:60593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaibeth.com"] [uri "/.git/HEAD"] [unique_id "aVJIIBhBrC-iADzDsgl--wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:55:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:55:36.786313 2025] [security2:error] [pid 13047:tid 13047] [client 104.207.60.22:13029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mceldufftherapist.com"] [uri "/.svn/wc.db"] [unique_id "aVJCCCs7XoTeS3d3PgO5uwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:19:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:18:59.833757 2025] [security2:error] [pid 21169:tid 21169] [client 104.207.60.22:22359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shipthunder.com"] [uri "/.svn/wc.db"] [unique_id "aVIPQ1ifOelRI6QxjZcv6gAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:57:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:57:38.752850 2025] [security2:error] [pid 3654:tid 3654] [client 104.207.60.22:37529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csme-eprr.com"] [uri "/.git/HEAD"] [unique_id "aVIKQuimMkRk4K7wpCWMGgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:41:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:41:29.537361 2025] [security2:error] [pid 5986:tid 5986] [client 104.207.60.22:45869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frameandsavehydepark.com"] [uri "/.svn/wc.db"] [unique_id "aVIGeRU4H71GkFQ_Cdu9DAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:22:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:22:14.278146 2025] [security2:error] [pid 25561:tid 25561] [client 104.207.60.22:22431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blythewoodanimalhospital.com"] [uri "/.git/HEAD"] [unique_id "aVIB9m4cEGFCRMs204RfHAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2025-12-27 22:05:38 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇬🇧 openstrike.co.uk	2025-12-22 08:49:12 (5 months ago)	9 packets to port 2083	Port Scan
🇩🇪 iNetWorker	2025-12-01 02:33:39 (6 months ago)	trying to access non-authorized port	Port Scan

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.16.96.250

🇨🇳 124.117.194.69

🇳🇵 110.34.30.120

🇸🇪 82.196.106.164

🇩🇪 43.228.157.121

🇰🇷 43.201.69.141

🇯🇵 8.209.228.11

🇧🇷 177.76.134.111

🇳🇱 176.65.139.173

🇺🇸 159.223.153.2

🇺🇸 152.53.83.101

🇬🇧 152.37.101.163

🇷🇴 80.94.92.167

🇳🇱 45.148.10.147

🇺🇸 45.131.195.66

🇺🇸 43.173.70.187

🇮🇩 43.173.1.69

🇳🇱 5.182.209.54

🇮🇹 217.26.179.68

🇧🇷 205.210.31.178