JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.103

104.207.59.103 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.103

Whois 104.207.59.103

IP Abuse Reports for 104.207.59.103:

This IP address has been reported a total of 151 times from 24 distinct sources. 104.207.59.103 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-02-16 04:54:45 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-16 00:05:46 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:09 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:39 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇩 Burayot	2026-02-15 12:08:57 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.103 (CA/Canada/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.103 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 WizardsToolkit	2026-02-15 05:41:52 (3 months ago)	attempted to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:09:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:09:21.072125 2026] [security2:error] [pid 19432:tid 19432] [client 104.207.59.103:23261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sunnygolfvillas.com"] [uri "/.git/config"] [unique_id "aZFVATJRi7AYVRIfL8RnLwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:37:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:36:54.516145 2026] [security2:error] [pid 10106:tid 10106] [client 104.207.59.103:11623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stefchild.com"] [uri "/.env"] [unique_id "aZE_VhqfV51cDS453pVfTQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:31:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:31:25.383017 2026] [security2:error] [pid 25345:tid 25345] [client 104.207.59.103:25673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritofacorn.com"] [uri "/app/.env"] [unique_id "aZEv_b7aUbZiT0cjJBLYBAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:40:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:40:26.738985 2026] [security2:error] [pid 18672:tid 18672] [client 104.207.59.103:34141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mwrn.com"] [uri "/wp/.git/config"] [unique_id "aZEkCm3-8pgwNQKJBtp2WQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:20:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:20:40.649988 2026] [security2:error] [pid 18237:tid 18237] [client 104.207.59.103:40455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mundanestudies.org"] [uri "/config/.env"] [unique_id "aZEfaMUT-ed6VKdHDyVmsgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mario Silber	2026-02-15 00:59:15 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.59.103 (CA/Canada/-)	SQL Injection
🇷🇺 loveprod	2026-02-15 00:25:07 (3 months ago)	104.207.59.103 - - [15/Feb/2026:03:25:05 +0300] "GET /admin/.git/config HTTP/1.1" 301 372 "-" "Mozil ... show more 104.207.59.103 - - [15/Feb/2026:03:25:05 +0300] "GET /admin/.git/config HTTP/1.1" 301 372 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 104.207.59.103 - - [15/Feb/2026:03:25:06 +0300] "GET /v2/.git/config HTTP/1.1" 301 369 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot
🇺🇸 mnsf	2026-02-14 23:06:23 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:01:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:01:07.190726 2026] [security2:error] [pid 31018:tid 31031] [client 104.207.59.103:43825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisabees.net"] [uri "/admin/.git/config"] [unique_id "aZD-s1gJ4XndBVAcAYIaMAAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 2406:da17:a1c:b102:3cfe:e28f:b2ba:bb81

🇺🇸 2600:387:c:6c38::7

🇸🇬 165.154.203.234

🇳🇱 138.226.222.47

🇷🇺 128.14.231.118

🇺🇸 113.20.4.9

🇳🇱 45.148.10.183

🇫🇷 4.211.84.189

🇷🇴 2.57.121.25

🇺🇸 216.24.212.46

🇸🇪 171.25.158.24

🇳🇱 91.92.243.223

🇺🇸 65.49.1.108

🇨🇳 58.208.84.103

🇫🇷 54.38.241.200

🇺🇸 44.212.250.159

🇨🇳 39.104.64.139

🇳🇱 193.176.31.245

🇺🇸 107.170.247.81

🇺🇸 107.21.175.125