JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.117

104.207.59.117 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.117

Whois 104.207.59.117

IP Abuse Reports for 104.207.59.117:

This IP address has been reported a total of 128 times from 18 distinct sources. 104.207.59.117 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-30 06:07:12 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.59.117 (CA/Canada/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.59.117 (CA/Canada/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 oncord	2026-02-21 13:46:15 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-19 20:42:40 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-18 11:35:43 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-18 02:30:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:30:21.094615 2026] [security2:error] [pid 8735:tid 8735] [client 104.207.59.117:27191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renperfco.com"] [uri "/site/.git/config"] [unique_id "aZUkPT8NtjyQ3lMDgChtVgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-18 00:48:14 (3 months ago)	Blocking for trying to access an exploit file: /test/.git/config	Hacking
🇪🇸 librebit	2026-02-15 05:20:31 (4 months ago)	Brute force	Brute-Force
🇦🇺 oncord	2026-02-14 06:41:40 (4 months ago)	Form spam	Web Spam
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-14 19:10:06 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇬🇧 SilverZippo	2025-12-01 19:41:53 (6 months ago)	Web App Attack	Web App Attack
🇮🇹 flws	2025-11-25 05:52:20 (6 months ago)	Using APIs to sign up a huge number of fake users	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:59:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:16.019173 2025] [security2:error] [pid 25829:tid 25829] [client 104.207.59.117:26623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.maryrosevaro.com"] [uri "/.git/HEAD"] [unique_id "aSPmJDVo-fQvyp3EaORlHQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:30:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:29:58.368959 2025] [security2:error] [pid 12506:tid 12506] [client 104.207.59.117:15493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.purelywhimsical.com"] [uri "/.env"] [unique_id "aSPfRoTRJxtnRVqMtEgILQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:34.299805 2025] [security2:error] [pid 2023:tid 2023] [client 104.207.59.117:30453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.enlightened-workplace.com"] [uri "/.env"] [unique_id "aSPbbpErVimyolWuGeiwdgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 203.195.82.4

🇲🇰 188.44.20.30

🇶🇦 34.153.65.92

🇺🇸 2602:fb54:9a5::

🇹🇷 176.41.53.52

🇨🇳 123.161.54.228

🇮🇳 103.135.39.116

🇫🇷 88.186.164.112

🇱🇹 81.30.98.49

🇳🇱 45.148.10.157

🇺🇸 45.39.12.214

🇧🇷 187.50.194.182

🇧🇷 179.222.238.206

🇲🇽 177.226.67.232

🇺🇸 147.185.132.245

🇮🇩 103.191.14.243

🇨🇳 101.34.249.202

🇳🇱 91.92.40.153

🇺🇸 18.220.92.255

🇮🇱 5.28.189.160