JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.236

104.207.60.236 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 32%: ?

32%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.236

Whois 104.207.60.236

IP Abuse Reports for 104.207.60.236:

This IP address has been reported a total of 133 times from 18 distinct sources. 104.207.60.236 was first reported on June 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-05-31 02:09:02 (1 week ago)	Fail2Ban - [RECIDIVE]Repeat offender across multiple jails on recidive ... [mx01,mx02,mx03]	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-31 01:07:02 (1 week ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 23:39:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 19:39:29.338727 2026] [security2:error] [pid 16879:tid 16879] [client 104.207.60.236:58527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "disenowebprofesional.com"] [uri "/.git/config"] [unique_id "aht1MaW1d635-QfioSqg1wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-30 23:20:01 (1 week ago)	suspicious request in access.log	Web App Attack
🇮🇩 Burayot	2026-05-30 21:58:44 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.60.236 (CA/Canada/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.60.236 (CA/Canada/-): 2 in the last 3600 secs show less	Web App Attack
Anonymous	2026-05-14 13:03:57 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇵🇱 maciejpedzich	2026-01-24 07:05:12 (4 months ago)	Vulnerability scanner detected! User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_3_2 like Mac OS X) ... show more Vulnerability scanner detected! User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_3_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3.1 Mobile/15E148 Safari/604.1 Endpoint: GET /installer.php show less	Hacking Web App Attack
🇱🇻 garmtech.com	2025-11-26 10:56:28 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:37:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:37:08.140298 2025] [security2:error] [pid 6803:tid 6803] [client 104.207.60.236:27041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.oldcuyama.com"] [uri "/.env"] [unique_id "aSbYVNC8Blwj4MkmEaxUxAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:41:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:41:29.114479 2025] [security2:error] [pid 17676:tid 17676] [client 104.207.60.236:12309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hawkinsenterprise.com"] [uri "/.git/HEAD"] [unique_id "aSa9OZ65-RIHE-rpZbGZYgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:26:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:26:15.398318 2025] [security2:error] [pid 16934:tid 16978] [client 104.207.60.236:28445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.davidholls.com"] [uri "/.git/HEAD"] [unique_id "aSaPdxKESCEx-WKRVnsl1wAAAY4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:39:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:39:07.835359 2025] [security2:error] [pid 24792:tid 24792] [client 104.207.60.236:46049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.peterlundman.com"] [uri "/.svn/wc.db"] [unique_id "aSZaO6Wn2Rz2hYm-WpmtvQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 01:15:34 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:45:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:45:22.350635 2025] [security2:error] [pid 3253:tid 3253] [client 104.207.60.236:16603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.platformintelligence.com"] [uri "/.svn/wc.db"] [unique_id "aSZNolkve-xBKfgzdOgZZgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:00:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:00:33.750110 2025] [security2:error] [pid 3737174:tid 3737174] [client 104.207.60.236:60599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.christineaholtz.com"] [uri "/.env"] [unique_id "aSQesWvgBjjFHAMbaVjQFAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.245

🇺🇸 206.206.103.148

🇳🇱 193.176.31.225

🇬🇧 193.176.29.24

🇺🇸 107.150.1.166

🇮🇳 103.93.37.199

🇷🇴 2.57.122.177

🇧🇷 205.210.31.186

🇸🇪 170.62.100.59

🇻🇳 103.78.1.33

🇷🇴 80.94.95.118

🇭🇰 165.154.41.232

🇺🇸 147.185.132.88

🇨🇳 119.29.37.49

🇬🇧 94.9.233.149

🇫🇷 89.116.35.97

🇺🇿 84.54.72.87

🇨🇳 61.185.208.188

🇸🇬 47.128.61.22

🇳🇱 45.148.10.151