JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.217

104.207.59.217 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.217

Whois 104.207.59.217

IP Abuse Reports for 104.207.59.217:

This IP address has been reported a total of 138 times from 19 distinct sources. 104.207.59.217 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 DonAtari	2026-05-15 08:30:12 (3 weeks ago)	DShield firewall scan - TCP to port 9000	Brute-Force SSH
🇫🇷 masterguru	2026-04-06 01:57:57 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.59.217 (CA/Canada/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.59.217 (CA/Canada/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-30 06:23:51 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-03-23 22:24:09 (2 months ago)	attempts to hack passwords	Brute-Force Web App Attack
🇦🇺 oncord	2026-03-09 18:30:17 (2 months ago)	Form spam	Web Spam
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
Anonymous	2026-01-05 20:17:15 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇱🇻 garmtech.com	2025-12-26 12:15:37 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-12-20 17:50:48 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-12-02 21:20:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:20:15.817206 2025] [security2:error] [pid 1812:tid 1832] [client 104.207.59.217:33617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "charteredeconomist.com"] [uri "/.svn/wc.db"] [unique_id "aS9YDxHfKvfljdp_m6D7MQAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:38:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:37:59.390040 2025] [security2:error] [pid 3258:tid 3258] [client 104.207.59.217:36049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "unitedfuturistassociation.com"] [uri "/.svn/wc.db"] [unique_id "aS8yB4dAqPpfCXlRs_n4wgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:42:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:42:40.163511 2025] [security2:error] [pid 15304:tid 15304] [client 104.207.59.217:42721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gdijoe.com"] [uri "/.svn/wc.db"] [unique_id "aS7CoKTP0IglYldCFs-3mAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:38:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:38:23.234646 2025] [security2:error] [pid 27127:tid 27130] [client 104.207.59.217:21489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "northtexaslive.com"] [uri "/.svn/wc.db"] [unique_id "aS57T_kt95TwI9LRcsYazwAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:43:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:43:17.060819 2025] [security2:error] [pid 6190:tid 6190] [client 104.207.59.217:22047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mamasquad.com"] [uri "/.svn/wc.db"] [unique_id "aS5uZbX3yZdY0oySrgGnQwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.189.209.165

🇳🇱 204.76.203.15

🇳🇱 45.148.10.157

🇺🇸 34.231.45.47

🇷🇴 2.57.121.25

🇧🇴 190.181.27.27

🇬🇧 185.216.145.171

🇨🇳 101.126.147.62

🇳🇱 45.153.34.195

🇮🇩 36.64.190.82

🇧🇪 34.78.16.188

🇺🇸 32.221.213.176

🇪🇸 5.182.83.231

🇱🇹 185.169.4.238

🇮🇳 182.77.49.131

🇩🇪 139.162.154.76

🇺🇸 135.237.122.43

🇰🇷 118.37.214.187

🇹🇷 78.176.97.85

🇺🇸 24.199.91.159