JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.40

104.207.60.40 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.40

Whois 104.207.60.40

IP Abuse Reports for 104.207.60.40:

This IP address has been reported a total of 152 times from 24 distinct sources. 104.207.60.40 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-04-01 14:30:06 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-15 12:40:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:40:43.368527 2026] [security2:error] [pid 3816:tid 3816] [client 104.207.60.40:31877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "passwordresearch.com"] [uri "/.env"] [unique_id "aZG-y6_zYAcgFXNpdy_4PwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:18:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:18:47.917194 2026] [security2:error] [pid 533049:tid 533076] [client 104.207.60.40:31801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ouye.org"] [uri "/app/.env"] [unique_id "aZGrl9b1zu3U8m5370ORTgAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:58:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:58:23.377322 2026] [security2:error] [pid 24158:tid 24158] [client 104.207.60.40:18673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psicotanato.com"] [uri "/.env.staging"] [unique_id "aZFuj8rGRWPTrQzvdzKrwgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:26 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 Interceptor_HQ	2026-02-15 05:07:39 (3 months ago)	request_uri: /.env.production -- automatic report --	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 04:53:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:53:26.672456 2026] [security2:error] [pid 4566:tid 4566] [client 104.207.60.40:30701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oakleighfarm.com"] [uri "/api/.git/config"] [unique_id "aZFRRh6p7lDhLZrS3LMv4AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-15 04:11:36 (3 months ago)	. Matched phrase "/.env" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 mnsf	2026-02-15 04:06:20 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:10:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:10:32.587421 2026] [security2:error] [pid 680:tid 680] [client 104.207.60.40:51585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polarfoxinno.com"] [uri "/backup/.git/config"] [unique_id "aZE5KNrXbYw45-FMm1b0mAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:55:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:55:06.850203 2026] [security2:error] [pid 19786:tid 19786] [client 104.207.60.40:59123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pocosfarm.com"] [uri "/frontend/.env"] [unique_id "aZE1ihCVgz0lXkunmWwPIwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:29:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:29:44.604342 2026] [security2:error] [pid 18322:tid 18322] [client 104.207.60.40:32215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nextngnr.com"] [uri "/.env.save"] [unique_id "aZEvmMSk4l-JTzFjJ-JszgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:29:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:29:15.920886 2026] [security2:error] [pid 19462:tid 19462] [client 104.207.60.40:12715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neathridge.com"] [uri "/.env"] [unique_id "aZEha3y4r_muVpMkZ_0whgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-15 01:12:10 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 nationaleventpros.com	2026-02-15 01:01:53 (3 months ago)	vulnerability scan	Web App Attack

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.253

🇫🇷 91.231.89.142

🇬🇧 31.14.254.112

🇮🇩 2406:da19:776:6e01:44ad:5609:40a1:8e25

🇲🇽 187.192.67.66

🇺🇸 173.252.87.18

🇩🇪 167.71.43.252

🇺🇸 162.216.150.252

🇻🇳 113.166.127.6

🇫🇷 91.196.152.184

🇺🇸 89.106.84.74

🇩🇪 68.183.76.144

🇱🇹 62.60.130.14

🇰🇪 217.199.144.56

🇧🇪 207.175.30.65

🇹🇼 198.235.24.89

🇦🇷 186.57.14.137

🇻🇳 171.231.185.246

🇩🇪 159.89.17.56

🇸🇬 103.189.234.85