JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.60.84

104.207.60.84 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.60.84

Whois 104.207.60.84

IP Abuse Reports for 104.207.60.84:

This IP address has been reported a total of 150 times from 26 distinct sources. 104.207.60.84 was first reported on June 5th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-05-22 20:28:03 (2 weeks ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇱🇻 garmtech.com	2026-05-14 04:13:04 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-13.104.207.60.84.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-13.104.207.60.84.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-05 11:42:16 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-42.104.207.60.84.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-42.104.207.60.84.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-04 13:51:37 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-51.104.207.60.84.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-51.104.207.60.84.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇮🇹 VHosting	2026-04-02 03:10:11 (2 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-15 10:30:46 (2 months ago)	(mod_security) mod_security (id:210410) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210410) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 06:30:36.134241 2026] [security2:error] [pid 1326:tid 1326] [client 104.207.60.84:53877] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:catid outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|www.ccbank.net\|F\|3"] [data "ARGS:catid=0\\x00'"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ccbank.net"] [uri "/"] [unique_id "abaKTHsHS74mnqdnLwdCuwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-19 21:40:34 (3 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:59:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:59:42.556982 2026] [security2:error] [pid 11297:tid 11297] [client 104.207.60.84:32229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arlan-associates.com"] [uri "/v2/.git/config"] [unique_id "aY0X7hOPyzp6EaiMGpdz_wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:46:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:46:24.724952 2026] [security2:error] [pid 16817:tid 16817] [client 104.207.60.84:21375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mahoninginn.com"] [uri "/wp/.git/config"] [unique_id "aYrGMD51Ww5t2QLSVoXMjgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-02-10 05:00:52 (3 months ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2026-02-10 04:59:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:59:52.763345 2026] [security2:error] [pid 24764:tid 24764] [client 104.207.60.84:39139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idgcasadelgeologo.com"] [uri "/test/.git/config"] [unique_id "aYq7SNpU8-2Q8pwN4ehIBQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:54:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:54:21.649228 2026] [security2:error] [pid 596938:tid 596938] [client 104.207.60.84:63385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittyloveschai.com"] [uri "/site/.git/config"] [unique_id "aYqr7cFbfDPzzPuGPLylowAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:23:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:23:39.709540 2026] [security2:error] [pid 28820:tid 28820] [client 104.207.60.84:9439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/.env.save"] [unique_id "aYqkuwVbmsDaBO6I0S3p-wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:34:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.60.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:34:15.468599 2026] [security2:error] [pid 10859:tid 10859] [client 104.207.60.84:48475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kellermoving.com"] [uri "/.env.staging"] [unique_id "aYpu9xm6YjuwOkmxMYAIrwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:39 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 46.151.178.13

🇮🇳 2a02:4780:11:1226:0:2ce4:2a8a:1

🇺🇸 2602:fa59:10:693::1

🇮🇩 143.20.49.38

🇧🇬 91.191.209.74

🇳🇱 89.21.67.132

🇺🇸 208.84.100.114

🇦🇿 185.146.112.48

🇲🇴 182.93.50.90

🇳🇱 176.65.148.135

🇨🇳 121.31.210.125

🇮🇳 115.96.127.206

🇿🇦 102.64.36.112

🇸🇬 94.231.206.39

🇸🇬 94.231.206.36

🇺🇸 50.116.72.133

🇺🇸 40.83.182.122

🇬🇧 35.203.211.120

🇳🇱 5.187.35.142

🇷🇴 2.57.122.177