JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.35

104.207.60.35 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 37%: ?

37%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.35

Whois 104.207.60.35

IP Abuse Reports for 104.207.60.35:

This IP address has been reported a total of 137 times from 23 distinct sources. 104.207.60.35 was first reported on June 5th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 ddw	2026-05-31 04:42:04 (6 days ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-05-30 23:43:19 (6 days ago)	(y4) Failed scan -byebye- from 104.207.60.35 (CA/Canada/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 15:14:49 (1 week ago)	[ns41.kdns.gr] httpd-login-spray-site: sites=apnoia.gr; logs=/var/log/httpd/domains/apnoia.gr.log; s ... show more [ns41.kdns.gr] httpd-login-spray-site: sites=apnoia.gr; logs=/var/log/httpd/domains/apnoia.gr.log; samples=site_wide=true \| distinct_ips=17 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-27 20:44:03 (1 week ago)	Wordfence waf block on baystatereentrynetwork	Web App Attack
🇩🇪 iNetWorker	2026-05-25 22:40:19 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇱🇻 garmtech.com	2026-05-15 08:06:14 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-06.104.207.60.35.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-06.104.207.60.35.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇬🇧 relianoid.com	2026-05-08 16:27:05 (4 weeks ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇩🇪 hbrks	2026-01-06 12:35:14 (5 months ago)	3 attack(s) detected, such as these: {"event":"web_block","ip":"104.207.60.35","host":"cloud4.xyz"," ... show more 3 attack(s) detected, such as these: {"event":"web_block","ip":"104.207.60.35","host":"cloud4.xyz","request":"GET / HTTP/1.1","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51","reason":"service:unknow","timestamp":"2026-01-06T12:35:14 00:00","logentry":"cloud4.xyz 104.207.60.35 - - [06/Jan/2026:12:35:14 0000] GET / HTTP/1.1 444 0 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 - matched:service:unknow"} * Report Details : https://p4u.xyz/RW56G3A8NCO/1 IP Details *: https://p4u.xyz/RW56G3A8NCO/2 show less	Web Spam Hacking Bad Web Bot
🇵🇱 sefinek.net	2025-12-08 23:26:34 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 relianoid.com	2025-12-01 06:40:55 (6 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-11-27 13:25:08 (6 months ago)	Attempted brute force login to web vpn 1152 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 1152 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇳🇱 jjnxpct	2025-11-26 04:56:04 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:09:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:09:33.960361 2025] [security2:error] [pid 6430:tid 6430] [client 104.207.60.35:22785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.stonetarot.com"] [uri "/.env"] [unique_id "aSU6DZnsiN7uxEJlaYym0gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:39:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:39:31.063396 2025] [security2:error] [pid 28685:tid 28685] [client 104.207.60.35:18053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thebumans.com"] [uri "/.env"] [unique_id "aSUzA5Tlhbi4PbaxBNdt2AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:13:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:11.452287 2025] [security2:error] [pid 14871:tid 14871] [client 104.207.60.35:28731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.allisonokon.com"] [uri "/.svn/wc.db"] [unique_id "aSUs15sVUShy74Yr4__O8wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.206

🇺🇸 216.73.216.158

🇺🇸 172.84.99.159

🇺🇸 135.119.96.21

🇰🇷 118.216.88.229

🇿🇦 102.219.41.253

🇭🇰 199.45.154.145

🇳🇱 195.26.87.217

🇧🇷 187.50.226.182

🇺🇸 184.72.84.154

🇹🇿 41.59.50.173

🇰🇷 222.98.122.37

🇳🇱 195.178.110.30

🇷🇺 94.190.15.13

🇺🇸 89.208.181.46

🇺🇸 74.48.105.66

🇰🇷 59.24.133.197

🇱🇹 45.227.254.170

🇬🇧 2.123.46.159

🇫🇷 2a02:4780:27:1036:0:15dd:228d:1