JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.239

104.207.60.239 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.239

Whois 104.207.60.239

IP Abuse Reports for 104.207.60.239:

This IP address has been reported a total of 131 times from 17 distinct sources. 104.207.60.239 was first reported on June 30th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Baking333	2026-06-03 22:41:52 (2 days ago)	[redacted] 104.207.60.239 - - [03/Jun/2026:23:41:50 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 3 ... show more [redacted] 104.207.60.239 - - [03/Jun/2026:23:41:50 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 302 1561 0/200896 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 104.207.60.239 - - [03/Jun/2026:23:41:51 +0100] "GET //[redacted]?rsd HTTP/1.1" 302 1561 0/445074 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-19 13:34:25 (2 weeks ago)	Fail2Ban banned 104.207.60.239 for security violations in jail wp-armour. Log: 2026/05/19 13:34:25 [ ... show more Fail2Ban banned 104.207.60.239 for security violations in jail wp-armour. Log: 2026/05/19 13:34:25 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.60.239 \| Target: wplogin" , client: 104.207.60.239, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Web Spam
🇺🇸 myagent.site	2026-01-13 11:55:03 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2026-01-05 20:21:28 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-12-26 01:13:49 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇵🇱 IROK	2025-12-01 18:58:12 (6 months ago)	Firewall Blocked - Unauthorized Port Scanning ...	Port Scan
🇺🇸 TPI-Abuse	2025-11-27 04:03:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 23:03:26.820353 2025] [security2:error] [pid 13566:tid 13566] [client 104.207.60.239:11113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.powerlessons.net"] [uri "/.env"] [unique_id "aSfNjkI08AslVAB7xTIoPQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-11-26 04:56:50 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:19:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:19:52.507829 2025] [security2:error] [pid 28866:tid 28866] [client 104.207.60.239:55489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.xygil.com"] [uri "/.git/HEAD"] [unique_id "aSVYmEn39MLSS9tNDcoZJQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 MM-bot	2025-11-25 06:29:24 (6 months ago)	URL-probe: HTTP/1.1 GET request on /.svn/wc.db (2025-11-25 07:29:24 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:21:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:21:24.421447 2025] [security2:error] [pid 15171:tid 15171] [client 104.207.60.239:16361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.robcruickshank.com"] [uri "/.svn/wc.db"] [unique_id "aSVK5OGfVMYtfo-Z5QwzmwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:06:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:05:53.973461 2025] [security2:error] [pid 32749:tid 32749] [client 104.207.60.239:24969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.onlinesoldier.com"] [uri "/.git/HEAD"] [unique_id "aSVHQbGO2_YBVlaF9_6HNQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:37:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:36:56.368150 2025] [security2:error] [pid 7268:tid 7268] [client 104.207.60.239:32237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.engelhardtkraatz.com"] [uri "/.svn/wc.db"] [unique_id "aSVAeKZr19L0EBS-ZIOSGQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:52:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:52:04.596706 2025] [security2:error] [pid 818893:tid 818893] [client 104.207.60.239:31785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.correlationdesign.com"] [uri "/.svn/wc.db"] [unique_id "aSU19OtO3AjQRXY7XDtDcAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:24:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:06.686292 2025] [security2:error] [pid 10927:tid 10927] [client 104.207.60.239:13651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.epicjellyfish.com"] [uri "/.svn/wc.db"] [unique_id "aSUvZvuwqlF91t9U6N5I2QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.160.118.193

🇭🇰 199.45.154.188

🇮🇳 194.238.20.191

🇧🇬 193.24.211.107

🇸🇪 185.246.130.20

🇦🇲 176.32.193.16

🇮🇳 125.19.207.50

🇺🇿 89.236.210.199

🇺🇸 65.111.10.51

🇩🇪 64.89.163.93

🇺🇸 52.159.247.49

🇳🇱 45.156.128.135

🇺🇸 45.79.207.71

🇦🇿 37.114.179.187

🇺🇸 34.239.118.181

🇹🇭 1.1.145.149

🇮🇩 202.145.0.61

🇭🇰 165.154.42.211

🇸🇬 165.22.240.87

🇺🇸 147.185.132.118