JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.108

104.207.59.108 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.108

Whois 104.207.59.108

IP Abuse Reports for 104.207.59.108:

This IP address has been reported a total of 133 times from 21 distinct sources. 104.207.59.108 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-05-30 01:10:35 (1 week ago)	104.207.59.108 - - [30/May/2026:03:10:34 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/cre ... show more 104.207.59.108 - - [30/May/2026:03:10:34 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/credentials HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0" ... show less	Phishing Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-14 02:09:40 (3 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇨🇳 ThreatBook.io	2026-05-13 00:04:54 (4 weeks ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.59.108 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.59.108 2026-05-12 03:15:04 / 2026-05-12 03:13:16 / 2026-05-12 03:12:16 / show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-07 15:19:15 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-01-05 20:36:12 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 22:29:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:29:55.484775 2025] [security2:error] [pid 606598:tid 606620] [client 104.207.59.108:13477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cwminstitute.com"] [uri "/.env"] [unique_id "aVBd4wt3y9Uh9Fw1HlB9EAAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 19:31:49 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 myagent.site	2025-12-27 18:42:41 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-27 17:25:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:25:29.529752 2025] [security2:error] [pid 24807:tid 24807] [client 104.207.59.108:13347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "biff0.com"] [uri "/.svn/wc.db"] [unique_id "aVAWiQc4NtPTJQ-daa4eGQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 23:24:51 (6 months ago)	Attempted brute force login to web vpn 17 time(s); last attempt for 2025.11.26 is noted in report ti ... show more Attempted brute force login to web vpn 17 time(s); last attempt for 2025.11.26 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:58:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:58:20.106926 2025] [security2:error] [pid 15170:tid 15170] [client 104.207.59.108:54389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.giff.cloud"] [uri "/.env"] [unique_id "aSU3bJYAVdv0B2sqUlGVLgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:37:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:37:29.608517 2025] [security2:error] [pid 2039:tid 2039] [client 104.207.59.108:45151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.markshvarts.com"] [uri "/.git/HEAD"] [unique_id "aSUyifmIbL3xFNeSUWIoMQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:49:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:57.106218 2025] [security2:error] [pid 2337:tid 2337] [client 104.207.59.108:44983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lakesidedetectiveagency.com"] [uri "/.svn/wc.db"] [unique_id "aSUZGYcugvOb8AmjZwe0UQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:30:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:29:48.394439 2025] [security2:error] [pid 7281:tid 7281] [client 104.207.59.108:9669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.fullyevil.com"] [uri "/.env"] [unique_id "aSUUnMm_7pV_hezPpExEPgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:41:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:40:56.295872 2025] [security2:error] [pid 1647140:tid 1647182] [client 104.207.59.108:20743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.taxelon.com"] [uri "/.svn/wc.db"] [unique_id "aST7GMWdNO_bFaD03Zb6jgAAAMQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2603:6081:6c00:409b:7e7b:294f:a223:294f

🇺🇸 216.25.89.107

🇩🇪 213.209.159.238

🇲🇽 189.150.140.122

🇳🇱 176.65.149.167

🇨🇳 125.36.255.46

🇨🇳 123.245.84.66

🇺🇸 91.230.168.95

🇺🇸 91.230.168.93

🇨🇳 58.54.53.45

🇬🇧 45.82.76.120

🇯🇵 8.209.209.96

🇧🇪 198.235.24.205

🇩🇪 196.242.141.20

🇳🇱 195.178.110.199

🇳🇱 185.242.226.104

🇫🇷 173.212.213.201

🇨🇳 150.255.37.38

🇺🇸 147.185.132.43

🇰🇷 47.80.59.91