JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.162

104.207.59.162 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.162

Whois 104.207.59.162

IP Abuse Reports for 104.207.59.162:

This IP address has been reported a total of 125 times from 15 distinct sources. 104.207.59.162 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-10 23:56:20 (3 weeks ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.59.162 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.59.162 2026-05-10 12:45:51 / 2026-05-10 13:18:13 / show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-08 01:50:31 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-15 00:41:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 19:41:35.172519 2026] [security2:error] [pid 22374:tid 22374] [client 104.207.59.162:19799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/.env"] [unique_id "aWg3v5RSb9gwUrEgEPGBvAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRNP	2026-01-12 14:25:53 (4 months ago)	_:80 104.207.59.162 - - [12/Jan/2026:14:25:52 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 ( ... show more _:80 104.207.59.162 - - [12/Jan/2026:14:25:52 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:30:06 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-08 17:03:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 12:03:15.957497 2025] [security2:error] [pid 6110:tid 6110] [client 104.207.59.162:22283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "major33.com"] [uri "/.git/HEAD"] [unique_id "aTcE04XRUPVIZQKR1JLALgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 16:35:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:35:06.914320 2025] [security2:error] [pid 27871:tid 27871] [client 104.207.59.162:59459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rimaine.org"] [uri "/.git/HEAD"] [unique_id "aTWsurKA35kUWQyZ9DInkwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 09:19:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 04:19:09.785680 2025] [security2:error] [pid 8682:tid 8803] [client 104.207.59.162:28903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sh2.lol"] [uri "/.svn/wc.db"] [unique_id "aTP1DTiNpEaBLhFN8HghMgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:15:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:15:44.480531 2025] [security2:error] [pid 32550:tid 32550] [client 104.207.59.162:57239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menafert.com"] [uri "/.svn/wc.db"] [unique_id "aTMFMKNgz6EGXLJZthdHrQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 12:57:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 07:57:04.291522 2025] [security2:error] [pid 9157:tid 9157] [client 104.207.59.162:55257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "imbrasacademic.com"] [uri "/.git/HEAD"] [unique_id "aTLWoCMUFY8VBHpiKZfZUwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:39:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:39:18.505104 2025] [security2:error] [pid 26227:tid 26227] [client 104.207.59.162:31755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikekornrich.com"] [uri "/.svn/wc.db"] [unique_id "aTK2VhLRgDuDzRqdCqpQNQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:06:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:06:06.565856 2025] [security2:error] [pid 8194:tid 8194] [client 104.207.59.162:41789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shinynew.com"] [uri "/.git/HEAD"] [unique_id "aTJ2ToyZm3ey-lVnf9HTTgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 22:16:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:16:34.725978 2025] [security2:error] [pid 6867:tid 6867] [client 104.207.59.162:34743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honweneedthis.com"] [uri "/.env"] [unique_id "aSjNwlSU4ZTNzv1ak6WD8QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 04:01:16 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 19:24:03 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 116.113.36.29

🇮🇩 103.85.66.217

🇧🇷 168.196.206.14

🇬🇧 92.24.131.237

🇪🇸 90.160.113.253

🇺🇸 52.91.2.81

🇳🇱 45.148.10.151

🇨🇳 14.103.95.175

🇯🇵 8.221.136.6

🇬🇭 197.251.193.6

🇩🇪 178.105.163.37

🇨🇳 125.215.52.45

🇩🇪 116.203.204.171

🇦🇺 101.182.44.108

🇺🇸 69.74.29.21

🇳🇱 2a13:adc0::2db:cfff:fe2b:2b8a

🇷🇺 176.120.22.113

🇭🇰 165.154.70.130

🇺🇸 162.216.150.232

🇰🇷 122.202.250.160