JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.38

104.207.60.38 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.38

Whois 104.207.60.38

IP Abuse Reports for 104.207.60.38:

This IP address has been reported a total of 126 times from 14 distinct sources. 104.207.60.38 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇱 cheatmaster.store	2026-02-27 01:59:46 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Canada Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:10:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:10:40.450050 2026] [security2:error] [pid 1217:tid 1217] [client 104.207.60.38:23471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arresteddevelopmentinsight.com"] [uri "/site/.git/config"] [unique_id "aY02oK7MqYc1_XhnDlrH_gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-10 19:33:17 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:30:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:30:49.646557 2026] [security2:error] [pid 13304:tid 13304] [client 104.207.60.38:44611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilanknapp.com"] [uri "/backend/.env"] [unique_id "aYrQmT4h88YHQAemFhmbhQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:24:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:24:08.950115 2026] [security2:error] [pid 19652:tid 19652] [client 104.207.60.38:59827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconbizpromo.com"] [uri "/admin/.git/config"] [unique_id "aYqy6BOs_oVaOljFPG-ulQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:27:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:27:51.512499 2026] [security2:error] [pid 10574:tid 10574] [client 104.207.60.38:18895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandhighlands.org"] [uri "/.env.save"] [unique_id "aYqlt6gU4FTef6enMSqjBQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:01:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:01:28.146184 2026] [security2:error] [pid 11824:tid 11824] [client 104.207.60.38:16389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-slim.net"] [uri "/.git/config"] [unique_id "aYqfiOjxiu0ZROYRm9BiMwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:34:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:34:37.872065 2026] [security2:error] [pid 2859:tid 2859] [client 104.207.60.38:59857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hyps.net"] [uri "/admin/.git/config"] [unique_id "aYqZPQJ3molcyviqt7U4_AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:30:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:30:23.437268 2026] [security2:error] [pid 15557:tid 15557] [client 104.207.60.38:23983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ketsuri.com"] [uri "/v2/.git/config"] [unique_id "aYp8H4oD8lCu_YipVz_ZkQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:00:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:00:19.222953 2026] [security2:error] [pid 16025:tid 16025] [client 104.207.60.38:44075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/.env"] [unique_id "aYpnA7_u8vPvj5Zj3rqPeQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:37:38 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-12 10:15:14 (6 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.12 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.12 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-04-09 01:49:05 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 21:48:57.722326 2025] [security2:error] [pid 28037:tid 28037] [client 104.207.60.38:53385] [client 104.207.60.38] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tucek.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tucek.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_XSCQcTl9ZF4v8wm35r4wAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 13:47:31 (1 year ago)	Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 20:42:42 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 45.120.216.232

🇻🇳 14.225.253.26

🇺🇸 216.25.89.146

🇬🇧 185.247.137.241

🇨🇳 182.147.98.100

🇺🇸 100.27.216.66

🇬🇧 87.236.176.244

🇳🇱 45.148.10.151

🇺🇸 3.222.190.107

🇭🇰 103.230.240.59

🇨🇳 101.33.247.61

🇪🇸 89.44.32.91

🇬🇧 87.236.176.236

🇬🇧 87.236.176.231

🇺🇸 54.235.57.254

🇺🇸 54.211.104.76

🇨🇳 36.150.236.49

🇺🇸 192.178.37.17

🇨🇴 190.85.132.107

🇨🇴 45.65.233.18