JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.104.60.208

172.104.60.208 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 37%: ?

37%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	172-104-60-208.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.104.60.208

Whois 172.104.60.208

IP Abuse Reports for 172.104.60.208:

This IP address has been reported a total of 8 times from 6 distinct sources. 172.104.60.208 was first reported on June 12th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-13 15:33:11 (3 days ago)	172.104.60.208 - - [13/Jun/2026:18:33:08 +0300] "GET /administrator/index.php HTTP/1.1" 404 4792 "-" ... show more 172.104.60.208 - - [13/Jun/2026:18:33:08 +0300] "GET /administrator/index.php HTTP/1.1" 404 4792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 172.104.60.208 - - [13/Jun/2026:18:33:11 +0300] "GET /wp-includes/js/jquery/jquery.js HTTP/1.1" 404 4792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" ... show less	Web App Attack
🇫🇷 tilellit.pro	2026-06-13 09:35:49 (3 days ago)	Fail2Ban banned 172.104.60.208 for security violations in jail nginx-aggressive. Log: 2026/06/13 09: ... show more Fail2Ban banned 172.104.60.208 for security violations in jail nginx-aggressive. Log: 2026/06/13 09:35:48 [error] FastCGI sent in stderr: "Primary script unknown" , client: 172.104.60.208, server: [REDACTED], request: "GET /administrator/index.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] 2026/06/13 09:35:48 [error] FastCGI sent in stderr: "Primary script unknown" , client: 172.104.60.208, server: [REDACTED], request: "GET /admin/index.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-13 08:59:01 (3 days ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-includes/js/jquery/jquery.js	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 07:58:29 (3 days ago)	172.104.60.208 - - [13/Jun/2026:10:58:15 +0300] "GET /administrator/index.php HTTP/1.1" 404 2857 "-" ... show more 172.104.60.208 - - [13/Jun/2026:10:58:15 +0300] "GET /administrator/index.php HTTP/1.1" 404 2857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 172.104.60.208 - - [13/Jun/2026:10:58:25 +0300] "GET /wp-includes/js/jquery/jquery.js HTTP/1.1" 404 2856 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 02:36:15 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.104.60.208 (172-104-60-208.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 172.104.60.208 (172-104-60-208.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 22:36:09.159704 2026] [security2:error] [pid 27119:tid 27119] [client 172.104.60.208:50073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.oldtowntownship-il.gov"] [uri "/.git/HEAD"] [unique_id "aizCGduzQ_YXEiEUevRcRAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 19:56:16 (4 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
Anonymous	2026-06-12 15:24:38 (4 days ago)	$f2bV_matches	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:08:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.104.60.208 (172-104-60-208.ip.linodeusercon ... show more (mod_security) mod_security (id:210492) triggered by 172.104.60.208 (172-104-60-208.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:08:40.889985 2026] [security2:error] [pid 20780:tid 20780] [client 172.104.60.208:51746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cityoffoley.gov"] [uri "/.git/HEAD"] [unique_id "aiwS6BmORR0K_DL64vHT0gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a00:1450:4009:c01::12d

🇳🇱 195.178.110.30

🇻🇳 113.168.250.73

🇭🇰 47.76.59.17

🇰🇷 220.80.225.19

🇺🇸 147.185.132.118

🇧🇩 103.213.238.91

🇳🇱 91.92.40.45

🇩🇪 43.228.157.121

🇨🇳 14.103.118.61

🇺🇸 168.158.245.67

🇩🇪 164.92.239.224

🇨🇳 120.228.1.201

🇺🇸 107.174.113.225

🇮🇳 103.89.136.111

🇩🇪 92.39.31.151

🇳🇱 45.148.10.183

🇬🇧 35.203.211.73

🇰🇷 211.223.107.86

🇫🇮 185.148.3.161