JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.119

104.207.59.119 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.119

Whois 104.207.59.119

IP Abuse Reports for 104.207.59.119:

This IP address has been reported a total of 132 times from 17 distinct sources. 104.207.59.119 was first reported on June 12th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 05:52:52 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 sefinek.net	2025-12-31 07:21:51 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:57 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-30 23:53:34 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-26 08:35:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:35:03.562713 2025] [security2:error] [pid 25024:tid 25024] [client 104.207.59.119:52323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mobil.autocares-belintxon.com"] [uri "/.env"] [unique_id "aSa7ty5DTpSj-UkafeIR5AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:32:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:32:16.754554 2025] [security2:error] [pid 7887:tid 7887] [client 104.207.59.119:48091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kingdombuilderschurchmd.org"] [uri "/.env"] [unique_id "aSZYoGzmxlCtB_YCNfmUywAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:39:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:39:48.248385 2025] [security2:error] [pid 29998:tid 29998] [client 104.207.59.119:32693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.maycockfamily.com"] [uri "/.svn/wc.db"] [unique_id "aSZMVM4yFKXpWNBfz64e1wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:11:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:11:08.048549 2025] [security2:error] [pid 5420:tid 5420] [client 104.207.59.119:15725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sundancepei.com"] [uri "/.git/HEAD"] [unique_id "aSU6bKQb-dfsm_km0b1kpwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 boxed-it	2025-11-25 02:44:33 (6 months ago)	GET /.svn/wc.db (Tarpitted for 2m10s, wasted 7.73kB)	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:09:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:09:39.708160 2025] [security2:error] [pid 8613:tid 8613] [client 104.207.59.119:59275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.miraclepunchy.com"] [uri "/.env"] [unique_id "aSTzw6eDSFZnoxr-TH8VfwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:56:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:56:03.494040 2025] [security2:error] [pid 22942:tid 22942] [client 104.207.59.119:20833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thendco.com"] [uri "/.env"] [unique_id "aSPzcyKnorWMrkn09jE5xQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-12 11:50:50 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.11.12 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 21:38:58 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 16:42:04 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 13:26:12 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 43.128.122.242

🇮🇹 185.77.50.223

🇨🇱 170.247.138.65

🇩🇪 85.28.47.237

🇫🇷 51.91.76.106

🇸🇬 47.84.195.65

🇸🇬 43.156.12.237

🇭🇰 42.200.60.186

🇯🇵 203.25.124.134

🇺🇸 165.154.162.71

🇭🇰 152.32.186.240

🇸🇬 128.199.225.7

🇨🇳 117.164.191.217

🇺🇸 65.49.1.133

🇨🇳 42.123.122.110

🇲🇦 41.249.227.23

🇦🇺 202.62.129.18

🇳🇱 195.178.110.223

🇺🇸 162.216.149.158

🇨🇳 112.86.225.171