JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.252

104.207.60.252 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 49%: ?

49%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.252

Whois 104.207.60.252

IP Abuse Reports for 104.207.60.252:

This IP address has been reported a total of 148 times from 28 distinct sources. 104.207.60.252 was first reported on June 11th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 MusicLibrary	2026-06-15 01:41:57 (4 days ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-06-14 07:45:56 (5 days ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.997 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.997 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Sa show less	Web App Attack Bad Web Bot
🇩🇪 FeG Deutschland	2026-06-11 11:36:53 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Anonymous	2026-06-09 14:58:15 (1 week ago)	104.207.60.252 - - [09/Jun/2026:16:58:14 +0200] "GET /admin/ HTTP/1.1" 404 56 "https://www/" "Mozill ... show more 104.207.60.252 - - [09/Jun/2026:16:58:14 +0200] "GET /admin/ HTTP/1.1" 404 56 "https://www/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 Carsten	2026-06-07 17:22:37 (1 week ago)	GET [adminer/index.php]	Port Scan
Anonymous	2026-06-02 10:17:49 (2 weeks ago)	[da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide ... show more [da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=12 \| /wp-login.php show less	Hacking Web App Attack
🇨🇿 ddw	2026-05-31 04:42:13 (2 weeks ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
Anonymous	2026-05-30 14:08:44 (2 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇩🇪 HERA - Operations	2026-05-30 06:46:17 (2 weeks ago)	bau-arge - searching for vulnerable scripts: backup.sql 2026/05/30 08:46:17	Web App Attack
🇫🇷 tilellit.pro	2026-05-30 03:44:15 (2 weeks ago)	Fail2Ban banned 104.207.60.252 for security violations in jail wp-armour. Log: 2026/05/30 03:44:15 [ ... show more Fail2Ban banned 104.207.60.252 for security violations in jail wp-armour. Log: 2026/05/30 03:44:15 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.60.252 \| Target: wplogin" , client: 104.207.60.252, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-05-29 08:49:22 (3 weeks ago)	[da.kdns.gr] httpd-login-spray-site: sites=pikoulis.gr; logs=/var/log/httpd/domains/pikoulis.gr.log; ... show more [da.kdns.gr] httpd-login-spray-site: sites=pikoulis.gr; logs=/var/log/httpd/domains/pikoulis.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-27 13:34:05 (3 weeks ago)	Wordfence waf block on registrymatters	Web App Attack
🇩🇪 FeG Deutschland	2026-05-22 23:32:34 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇦🇺 2000cn.com.au	2026-04-18 20:01:53 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇱🇻 garmtech.com	2026-03-27 00:02:32 (2 months ago)	IM360 WAF: Laravel .env file access	Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 216.155.93.75

🇬🇧 193.163.125.237

🇦🇷 186.38.26.5

🇨🇳 175.2.72.101

🇨🇳 119.119.182.255

🇮🇳 52.172.177.191

🇳🇱 45.153.34.235

🇺🇸 24.30.154.85

🇮🇹 2.196.72.188

🇭🇰 2602:80d:1003::10

🇯🇵 118.111.37.36

🇧🇷 45.162.8.14

🇬🇧 35.203.211.16

🇺🇸 34.228.104.231

🇧🇷 14.102.230.4

🇺🇸 195.184.76.77

🇴🇲 194.233.110.192

🇬🇧 172.71.241.100

🇮🇳 122.160.11.40

🇱🇹 81.30.98.158