JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.144

104.207.59.144 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.144

Whois 104.207.59.144

IP Abuse Reports for 104.207.59.144:

This IP address has been reported a total of 157 times from 26 distinct sources. 104.207.59.144 was first reported on June 11th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-24 03:25:40 (1 day ago)	Brute force	Brute-Force
🇫🇷 PacketFilter	2026-02-15 12:52:03 (4 months ago)	Fail2Ban	Hacking Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:06 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 12:37:37 (4 months ago)	(modsecurity) srv103 ModSecurity 104.207.59.144 (CA/Canada/-): 5 in the last 3600 secs; Ports: ; Di ... show more (modsecurity) srv103 ModSecurity 104.207.59.144 (CA/Canada/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇮🇩 Burayot	2026-02-15 12:10:57 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.144 (CA/Canada/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.144 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
🇫🇷 dynamix	2026-02-15 11:42:25 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mnsf	2026-02-15 07:06:00 (4 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:11:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:11:07.047825 2026] [security2:error] [pid 5301:tid 5301] [client 104.207.59.144:59927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stormwlf.com"] [uri "/.env.local"] [unique_id "aZFHW_Ikyw2afDTfeJLiGAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:29:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:29:19.278495 2026] [security2:error] [pid 29382:tid 29382] [client 104.207.59.144:36079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "statisticsvignettes.com"] [uri "/api/.git/config"] [unique_id "aZE9j20hXq4ag66wDySwcQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:45:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:45:16.269139 2026] [security2:error] [pid 28939:tid 28939] [client 104.207.59.144:30329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naghmehfarahmand.com"] [uri "/site/.git/config"] [unique_id "aZEzPER3BqDkP8K-JCtPygAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:31 (4 months ago)	104.207.59.144 - - [15/Feb/2026:03:31:30 +0100] "GET /frontend/.env HTTP/1.1" 301 535 "-" "Mozilla/5 ... show more 104.207.59.144 - - [15/Feb/2026:03:31:30 +0100] "GET /frontend/.env HTTP/1.1" 301 535 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 01:37:25 (4 months ago)	Try to access /api/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:40:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:40:17.689812 2026] [security2:error] [pid 184123:tid 184259] [client 104.207.59.144:30033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "movetodc.com"] [uri "/wp/.git/config"] [unique_id "aZEV8YMh4IJV0omYQjNWQgAAAlU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-14 23:22:23 (4 months ago)	Blocking for trying to access an exploit file: /site/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-14 22:32:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:32:25.298960 2026] [security2:error] [pid 41385:tid 41385] [client 104.207.59.144:54599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightedpath.com"] [uri "/app/.env"] [unique_id "aZD3-R_U-vwQyAK7NOFU7QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 172.253.11.22

🇨🇳 111.42.132.19

🇺🇸 64.62.156.19

🇺🇸 45.33.113.96

🇨🇳 14.103.46.177

🇭🇰 199.45.154.137

🇬🇧 193.163.125.232

🇺🇸 192.159.99.144

🇺🇸 147.185.132.247

🇺🇸 145.132.101.177

🇸🇬 112.140.184.197

🇳🇬 102.90.79.200

🇺🇸 45.33.96.41

🇺🇸 45.33.16.187

🇳🇱 159.223.10.56

🇺🇸 147.182.183.153

🇳🇱 91.92.40.240

🇫🇷 85.217.140.44

🇮🇷 85.198.19.251

🇺🇸 65.110.40.240