JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.185

104.207.59.185 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.185

Whois 104.207.59.185

IP Abuse Reports for 104.207.59.185:

This IP address has been reported a total of 142 times from 23 distinct sources. 104.207.59.185 was first reported on June 11th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-03 18:35:07 (5 months ago)	Automatic report - Vulnerability scan /wp-config.php	Web App Attack
🇺🇸 rdpguard.com	2026-01-03 15:17:27 (5 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇩🇪 Petros Stefanakis	2026-01-02 08:27:18 (5 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.59.185 (CA/Canada/-)	SQL Injection
🇵🇱 sefinek.net	2025-12-28 20:29:00 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-21 11:10:22 (5 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 myagent.site	2025-12-21 00:31:39 (5 months ago)	Blocking for trying to access an exploit file: /old//installer.php	Hacking
Anonymous	2025-12-19 19:24:13 (5 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-18 16:54:13 (5 months ago)	wordpress-trap	Web App Attack
🇳🇱 MM-bot	2025-12-09 19:29:11 (5 months ago)	URL-probe: HTTP/1.1 GET request on //installer.php (2025-12-09 20:29:11 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:46:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:46:15.790720 2025] [security2:error] [pid 5323:tid 5323] [client 104.207.59.185:43739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drjaymissdiana.com"] [uri "/.svn/wc.db"] [unique_id "aSU0lxQpA6LSywkqQ95qywAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:58.761038 2025] [security2:error] [pid 15084:tid 15084] [client 104.207.59.185:21581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cvtheory.com"] [uri "/.svn/wc.db"] [unique_id "aSUULrJgmnEf0EWe6BY-tAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:40:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:40:48.152333 2025] [security2:error] [pid 16840:tid 16840] [client 104.207.59.185:50493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.sigridsnaturalfoods.com"] [uri "/.git/HEAD"] [unique_id "aSQoIH2xNeq35b9GJyMxOwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:55:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:54:33.851449 2025] [security2:error] [pid 6438:tid 6438] [client 104.207.59.185:34497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.budfromkansascitymo.banis-associates.com"] [uri "/.env"] [unique_id "aSQPOQVtdq3A4Hl9V1YNpAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:11:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:11:49.538127 2025] [security2:error] [pid 24177:tid 24177] [client 104.207.59.185:60437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.sparler.com"] [uri "/.git/HEAD"] [unique_id "aSP3JQuNC6T1N56_kdIfYAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:50:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:50:18.485445 2025] [security2:error] [pid 8830:tid 8830] [client 104.207.59.185:54565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.airei.com"] [uri "/.svn/wc.db"] [unique_id "aSPyGrK7WTRd-_tJXl4nZQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 103.126.86.195

🇩🇪 69.5.169.191

🇦🇹 185.69.245.174

🇷🇺 178.178.222.55

🇺🇸 147.185.132.19

🇺🇸 147.185.132.18

🇰🇷 121.154.247.33

🇨🇳 119.96.193.72

🇧🇩 103.16.226.176

🇭🇰 45.78.22.106

🇺🇸 204.220.180.62

🇨🇳 183.221.0.223

🇨🇴 181.61.251.4

🇺🇸 165.154.173.20

🇮🇳 103.54.101.248

🇭🇰 101.36.106.78

🇺🇸 100.29.192.34

🇺🇸 72.211.142.41

🇸🇬 52.187.36.104

🇳🇱 45.148.10.141