JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.68.150.104

172.68.150.104 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 172.68.150.104 is an IP address from within our whitelist belonging to the subnet 172.64.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 172.68.150.104

Whois 172.68.150.104

IP Abuse Reports for 172.68.150.104:

This IP address has been reported a total of 60 times from 12 distinct sources. 172.68.150.104 was first reported on March 16th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 cg-design.co.uk	2026-06-17 23:23:51 (6 days ago)	(mod_security) mod_security triggered on hostname [redacted] 172.68.150.104 (US/United States/-)	SQL Injection
🇺🇸 mawan	2026-06-16 23:03:21 (1 week ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇬🇧 cg-design.co.uk	2026-06-06 10:43:02 (2 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 172.68.150.104 (US/United States/-)	SQL Injection
Anonymous	2026-06-05 05:22:21 (2 weeks ago)	[Fri Jun 05 07:22:19.721075 2026] [authz_core:error] [pid 24599] [client 172.68.150.104:12816] AH016 ... show more [Fri Jun 05 07:22:19.721075 2026] [authz_core:error] [pid 24599] [client 172.68.150.104:12816] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Jun 05 07:22:20.631585 2026] [authz_core:error] [pid 24599] [client 172.68.150.104:12816] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Jun 05 07:22:20.778929 2026] [authz_core:error] [pid 10075] [client 172.68.150.104:12822] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇬🇧 cg-design.co.uk	2026-05-25 19:36:26 (4 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 172.68.150.104 (US/United States/-)	SQL Injection
Anonymous	2026-03-11 02:10:04 (3 months ago)	\| SQL injection attempt.	Web App Attack Hacking SQL Injection
🇬🇧 OptimusGO	2026-03-07 09:41:54 (3 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-03-07 09:41:54 UTC Log evidence: 172.68.150.104 - - [07/Mar/2026:09:41:54 +0000] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 172.68.150.104 - - [07/Mar/2026:09:41:54 +0000] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 172.68.150.104 - - [07/Mar/2026:09:41:54 +0000] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" show less	Port Scan Brute-Force
🇮🇪 eyesilyurt	2025-07-27 04:47:42 (10 months ago)	p- login authenticator failed Incorrect authentication data	Brute-Force SSH
🇺🇸 mawan	2025-07-12 20:33:59 (11 months ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇺🇸 mawan	2025-07-01 01:15:10 (11 months ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇩🇪 centurion	2025-06-07 22:44:34 (1 year ago)	Unauthorized attempt on live [80/tcp] Source port: 58162 TTL: 56 Packet length: 60 TOS: 0x00 https:/ ... show more Unauthorized attempt on live [80/tcp] Source port: 58162 TTL: 56 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-05-18 19:11:28 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 18 15:11:23.338877 2025] [security2:error] [pid 3768183:tid 3768183] [client 172.68.150.104:36586] [client 172.68.150.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "akula.365soft.top"] [uri "/.git/config"] [unique_id "aCow2zglmU4MuFbgavb_KgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-06 09:45:10 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 05:45:02.839418 2025] [security2:error] [pid 1005608:tid 1005608] [client 172.68.150.104:31296] [client 172.68.150.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mail-pmg.com"] [uri "/.git/config"] [unique_id "aBnaHgftJmQFq7jLTH-ARwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-06 07:36:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 03:36:34.052212 2025] [security2:error] [pid 2053647:tid 2053647] [client 172.68.150.104:15336] [client 172.68.150.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ard.global"] [uri "/.git/config"] [unique_id "aBm8AmDpel05coNx7pkV0gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-06 02:41:41 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.68.150.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 05 22:41:34.965354 2025] [security2:error] [pid 2538700:tid 2538700] [client 172.68.150.104:60306] [client 172.68.150.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.easy-byte.net"] [uri "/.git/config"] [unique_id "aBl23mcaS4ICj0YdQzWkoQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 103.30.211.135

🇺🇸 65.49.1.232

🇺🇸 64.62.197.180

🇩🇪 63.178.243.8

🇧🇷 205.210.31.213

🇳🇱 192.109.200.220

🇺🇸 192.3.127.40

🇳🇱 176.65.132.24

🇨🇳 139.170.141.170

🇮🇳 122.160.59.87

🇨🇦 85.217.149.12

🇺🇸 72.215.33.197

🇨🇳 60.16.208.227

🇹🇼 198.235.24.78

🇭🇳 190.53.248.74

🇳🇱 185.242.226.87

🇨🇲 154.70.102.114

🇨🇳 139.224.230.230

🇨🇳 120.48.98.75

🇮🇳 103.174.34.49