JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.81

104.207.60.81 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.81

Whois 104.207.60.81

IP Abuse Reports for 104.207.60.81:

This IP address has been reported a total of 135 times from 14 distinct sources. 104.207.60.81 was first reported on June 22nd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-10 04:48:31 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-07 22:56:34 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2026-05-07 07:51:11 /api/qualityprofiles/search 2026-05-07 07:51:09 / 2026-05-07 07:51:11 /api/users/search 2026-05-07 07:51:10 /api/projects/search 2026-05-07 07:51:12 /api/webhooks/list 2026-05-07 07:51:10 /api/system/info 2026-05-07 07:51:09 /api/settings/values 2026-05-07 07:51:13 /api/properties show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-02 23:02:43 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2026-05-02 00:09:27 / 2026-05-02 00:14:29 / 2026-05-02 00:03:50 / show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-01 23:05:57 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2026-05-01 00:00:05 / 2026-05-01 00:00:45 / 2026-05-01 00:08:21 / 2026-05-01 00:00:43 / 2026-05-01 00:02:44 / show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-30 22:52:35 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.60.81 2026-04-30 08:36:30 / 2026-04-30 08:31:40 / 2026-04-30 08:36:36 / 2026-04-30 08:37:02 / 2026-04-30 08:33:34 / show less	Web App Attack
Anonymous	2026-01-05 20:33:04 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 xmission.com	2025-12-30 23:41:16 (5 months ago)	Blocked by UFW (TCP on 80) Source port: 52513 TTL: 54 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 52513 TTL: 54 Packet length: 60 TOS: 0x00 This report (for 104.207.60.81) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇮🇹 VHosting	2025-12-30 03:00:15 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇦🇺 oncord	2025-12-29 13:22:15 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-29 07:54:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 02:54:30.558038 2025] [security2:error] [pid 2747:tid 2747] [client 104.207.60.81:25441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digbiellc.com"] [uri "/.env"] [unique_id "aVIztnn87vtbS7cuC16MIgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:24:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:24:20.498364 2025] [security2:error] [pid 10856:tid 10856] [client 104.207.60.81:26747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayareamustangs.com"] [uri "/.env"] [unique_id "aVICdML5MEENSn1VMdEJ8wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-21 16:08:33 (6 months ago)	Attempted brute force login to web vpn 189 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 189 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 19:22:36 (6 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 11:09:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:09:32.800092 2025] [security2:error] [pid 5329:tid 5329] [client 104.207.60.81:40577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.joyfulservice.com"] [uri "/.svn/wc.db"] [unique_id "aSbf7Py6pXwrcwcbuJwEfAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:46:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:46:21.767957 2025] [security2:error] [pid 23485:tid 23485] [client 104.207.60.81:15523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.teamconnell.com"] [uri "/.git/HEAD"] [unique_id "aSbafexBxjK0wSSx_Sds7QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400e:c07::12a

🇩🇪 213.209.159.175

🇧🇷 170.80.60.127

🇨🇳 119.249.100.108

🇫🇷 91.231.89.51

🇮🇷 85.198.19.253

🇬🇧 81.19.219.224

🇺🇸 57.141.0.1

🇨🇦 20.116.27.239

🇺🇸 20.9.89.39

🇺🇸 2604:a880:400:d1:0:4:9e90:8001

🇪🇨 191.99.31.106

🇺🇸 184.154.156.13

🇮🇩 180.248.199.96

🇨🇳 123.232.133.193

🇷🇺 87.242.123.186

🇸🇨 45.194.67.28

🇸🇬 8.222.236.31

🇭🇰 223.197.186.7

🇦🇷 190.2.103.216