JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.71

104.207.60.71 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.71

Whois 104.207.60.71

IP Abuse Reports for 104.207.60.71:

This IP address has been reported a total of 137 times from 16 distinct sources. 104.207.60.71 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 21:11:04 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:59:02 (2 weeks ago)	MatShield L7: blocked on dstat.selify.io (click-id-direct-nav)	DDoS Attack
🇫🇷 MatStef132	2026-05-19 20:55:41 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-15 15:39:09 (3 weeks ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?utm_content=1777391060071318236 Host: elhacker ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?utm_content=1777391060071318236 Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: CA Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:25 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 12:24:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 07:24:43.539850 2025] [security2:error] [pid 5621:tid 5621] [client 104.207.60.71:48971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stardancertantra.com"] [uri "/.svn/wc.db"] [unique_id "aVJzC0jYa0mMbN4q2OwV1gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:50:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:50:09.179756 2025] [security2:error] [pid 16645:tid 16645] [client 104.207.60.71:19459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tribwatch.com"] [uri "/.git/HEAD"] [unique_id "aVJAwYcJmehaICGu99jZWAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-29 08:28:57 (5 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:52:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:52:12.634656 2025] [security2:error] [pid 16446:tid 16446] [client 104.207.60.71:26171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mauriene.com"] [uri "/.env"] [unique_id "aVIlHHuRFTpkbqfCSnCWpwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:13:31 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:13:25.237288 2025] [security2:error] [pid 24327:tid 24327] [client 104.207.60.71:39829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "achillespress.com"] [uri "/.svn/wc.db"] [unique_id "aVIcBR9s_1i5ImJ3vQv1UAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:57:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:57:27.165251 2025] [security2:error] [pid 20388:tid 20388] [client 104.207.60.71:48165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bluestarplumberseasttexas.com"] [uri "/.svn/wc.db"] [unique_id "aVIYRwmVIjSpbtBB5QfGTAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:36:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:36:50.788491 2025] [security2:error] [pid 19899:tid 19899] [client 104.207.60.71:54867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "estatemartinc.com"] [uri "/.env"] [unique_id "aVITcu3YdTqZUsvGiYyBsgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:52:44 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:52:41.381117 2025] [security2:error] [pid 11147:tid 11147] [client 104.207.60.71:40791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haywardcarpentry.com"] [uri "/.env"] [unique_id "aVIJGfhLyqqbVL3oPpvMnwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.166.104

🇫🇷 2a02:c206:2196:4686::1

🇩🇪 213.209.159.56

🇷🇺 213.33.204.130

🇳🇱 209.85.218.101

🇳🇱 195.178.110.162

🇫🇮 178.20.210.151

🇺🇸 165.154.163.10

🇫🇷 146.70.194.244

🇵🇾 143.202.210.166

🇻🇳 115.79.136.140

🇵🇰 110.38.240.255

🇭🇰 103.210.238.204

🇮🇳 103.174.10.52

🇳🇵 103.163.182.141

🇺🇸 82.38.68.207

🇵🇱 81.210.53.108

🇧🇬 46.249.65.41

🇳🇱 45.148.10.157

🇸🇬 43.156.201.48