JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.195

104.207.59.195 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.195

Whois 104.207.59.195

IP Abuse Reports for 104.207.59.195:

This IP address has been reported a total of 121 times from 11 distinct sources. 104.207.59.195 was first reported on June 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-05 17:05:42 (1 week ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-01 14:06:51 (2 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇦🇺 paulshipley.com.au	2026-05-25 14:40:03 (3 weeks ago)	[Tue May 26 00:40:02.921243 2026] [security2:error] [pid 145548] [client 104.207.59.195:42009] [clie ... show more [Tue May 26 00:40:02.921243 2026] [security2:error] [pid 145548] [client 104.207.59.195:42009] [client 104.207.59.195] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/wp-config.php.save"] [unique_id "ahRfQr2sS8X-fNmgFa1BiAAAABY"] ... show less	Web App Attack
🇮🇱 Dolphi	2026-03-30 11:42:16 (2 months ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 06:10:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:01.610647 2025] [security2:error] [pid 11304:tid 11304] [client 104.207.59.195:30007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diydivaslv.andiamocomputers.com"] [uri "/.env"] [unique_id "aSVIOUmGKuNjjc0g8Ik89QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:05.033973 2025] [security2:error] [pid 29374:tid 29374] [client 104.207.59.195:52727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.earlsworkshop.com"] [uri "/.git/HEAD"] [unique_id "aSUY5QHVh_x0yuA-VxayHAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:10:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:32.739364 2025] [security2:error] [pid 24689:tid 24689] [client 104.207.59.195:30369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hope4elsalvador.org"] [uri "/.env"] [unique_id "aSUQGGqWeZaM_7024FuI4wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:56:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:56:24.881070 2025] [security2:error] [pid 13729:tid 13729] [client 104.207.59.195:51679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nick929.com"] [uri "/.git/HEAD"] [unique_id "aSQryDOBXLG97ZDhpPEddQAAADU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:41:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:40:40.057050 2025] [security2:error] [pid 26110:tid 26110] [client 104.207.59.195:34545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boat-registration-spain.com"] [uri "/.env"] [unique_id "aSQoGAdJ-F_NvCuEmAIqPQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:24.816623 2025] [security2:error] [pid 25508:tid 25508] [client 104.207.59.195:34885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aiamur.com"] [uri "/.env"] [unique_id "aSQHOIK0aXHedM_L8FJs9AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:11:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:11:32.471312 2025] [security2:error] [pid 7784:tid 7784] [client 104.207.59.195:54069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.howtosellmorepizza.com"] [uri "/.git/HEAD"] [unique_id "aSP3FEV5YnCVmYa-o741mAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:18:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:18:17.449769 2025] [security2:error] [pid 3965260:tid 3965362] [client 104.207.59.195:45433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.wwwhst.com"] [uri "/.svn/wc.db"] [unique_id "aSPqmayiyKH59MCrZuFQ4gAAAgo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:29:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:29:24.582026 2025] [security2:error] [pid 18325:tid 18347] [client 104.207.59.195:20795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pwrcoupling.com"] [uri "/.git/HEAD"] [unique_id "aSPfJLibCkDUtlE56PAd3wAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:06:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:05:59.847217 2025] [security2:error] [pid 24855:tid 24855] [client 104.207.59.195:14175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.h-mod.com"] [uri "/.git/HEAD"] [unique_id "aSPZpyOFON9EcWJBWx1WbwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.110.223.185

🇺🇸 162.216.149.21

🇺🇸 107.151.199.232

🇺🇸 52.242.128.238

🇧🇷 143.95.214.121

🇲🇾 113.211.212.21

🇩🇪 91.41.250.204

🇺🇸 65.49.1.128

🇳🇱 45.148.10.141

🇺🇸 45.33.96.41

🇵🇰 39.51.69.14

🇨🇳 223.66.187.192

🇰🇷 211.37.174.62

🇮🇩 182.9.35.203

🇺🇸 165.227.196.81

🇻🇳 165.154.221.151

🇩🇪 155.117.127.214

🇺🇸 129.153.221.115

🇹🇼 110.25.109.54

🇸🇬 103.138.189.25