JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.1

104.207.59.1 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.1

Whois 104.207.59.1

IP Abuse Reports for 104.207.59.1:

This IP address has been reported a total of 70 times from 14 distinct sources. 104.207.59.1 was first reported on June 14th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:24 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇵🇱 sefinek.net	2025-12-12 15:26:34 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 07:26:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:26:30.750279 2025] [security2:error] [pid 31748:tid 31748] [client 104.207.59.1:50583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.michaelgardner.com"] [uri "/.env"] [unique_id "aSVaJlX2AxwzAdJRK3TojgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:12:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:11:56.858814 2025] [security2:error] [pid 13895:tid 13909] [client 104.207.59.1:37255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eadweb.com"] [uri "/.env"] [unique_id "aSU6nMqATJ-N2rrGOLaIhgAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:15:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:27.634308 2025] [security2:error] [pid 4550:tid 4550] [client 104.207.59.1:26165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lcbf.org.ithacalions.com"] [uri "/.svn/wc.db"] [unique_id "aSQUHyoVia698FioLuo2UAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:15:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:15:55.327486 2025] [security2:error] [pid 29883:tid 29883] [client 104.207.59.1:55873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "area52designs.com"] [uri "/.env"] [unique_id "aSQGK41B0bHcSXCgp0asyAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:45:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:44:58.824377 2025] [security2:error] [pid 3365768:tid 3365768] [client 104.207.59.1:33383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.taacorp.com"] [uri "/.git/HEAD"] [unique_id "aSPw2i0o2TiDieEfZaBGtwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:22.246989 2025] [security2:error] [pid 15630:tid 15630] [client 104.207.59.1:10103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.npcsouthernclassic.com"] [uri "/.env"] [unique_id "aSPbYvYS1XtLWcz8DdWDXQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 00:58:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 22 19:58:08.918176 2025] [security2:error] [pid 6683:tid 6683] [client 104.207.59.1:23429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.cometoorderva.com"] [uri "/.env"] [unique_id "aSJcIITgkGPSeNKM6kFFRwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 00:56:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 19:56:29.100954 2025] [security2:error] [pid 6007:tid 6007] [client 104.207.59.1:28863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.leah.byles.net"] [uri "/.env"] [unique_id "aRkhPeCsXjUJv2zyms0izwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-04 15:23:20 (7 months ago)	Fail2Ban - Nginx Bot Probes	Web App Attack
🇩🇪 Bigbear3	2025-10-18 08:18:41 (7 months ago)	Report-by-bigbear3	Brute-Force SSH
Anonymous	2025-04-07 12:39:14 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 21:09:14 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 23:25:23 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.157

🇺🇸 162.216.149.6

🇺🇸 85.208.96.212

🇳🇱 45.148.10.147

🇩🇪 45.135.195.139

🇺🇸 143.42.1.185

🇳🇱 141.11.62.50

🇮🇳 122.185.146.166

🇨🇦 99.235.200.20

🇳🇱 81.19.216.79

🇺🇸 66.132.186.186

🇳🇱 45.198.224.5

🇳🇱 45.148.10.151

🇨🇦 207.134.141.194

🇨🇳 182.119.56.103

🇺🇸 152.32.233.100

🇯🇵 101.36.104.242

🇸🇬 47.128.49.132

🇳🇱 209.38.102.185

🇺🇸 162.240.109.188