JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.23

104.207.59.23 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.23

Whois 104.207.59.23

IP Abuse Reports for 104.207.59.23:

This IP address has been reported a total of 90 times from 18 distinct sources. 104.207.59.23 was first reported on June 20th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 06:00:08 (4 days ago)	Web App Attack	Web App Attack
🇬🇧 PeravixGroup	2026-06-09 19:54:00 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 jjnxpct	2026-02-16 04:54:42 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.local (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.local] show less	Hacking Web App Attack
Anonymous	2026-02-15 06:00:39 (4 months ago)	104.207.59.23 - - [15/Feb/2026:07:00:38 +0100] "GET /wp/.git/config HTTP/1.1" 301 169 "-" "Mozilla/5 ... show more 104.207.59.23 - - [15/Feb/2026:07:00:38 +0100] "GET /wp/.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:24:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:24:01.441150 2026] [security2:error] [pid 6337:tid 6342] [client 104.207.59.23:35623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oftv.xyz"] [uri "/.env"] [unique_id "aZFYceSu7-w3_gszGC_ajgAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:49:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:49:06.774982 2026] [security2:error] [pid 11479:tid 11479] [client 104.207.59.23:21261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanvicentedelraspeig.com"] [uri "/.env.local"] [unique_id "aZFQQt8UAQ7lXsXTrOYGpQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Little Iguana	2026-02-15 04:30:59 (4 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇺🇸 TPI-Abuse	2026-02-15 04:06:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:51.000457 2026] [security2:error] [pid 22199:tid 22223] [client 104.207.59.23:61265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "power51.com"] [uri "/admin/.git/config"] [unique_id "aZFGWr6k6LPKjSLyJxBdcQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 04:05:48 (4 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:39:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:38:58.425642 2026] [security2:error] [pid 16368:tid 16368] [client 104.207.59.23:63471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pornstarsdontdance.com"] [uri "/admin/.env"] [unique_id "aZE_0jKGw4L3J5fsXrnirAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:14:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:14:28.675325 2026] [security2:error] [pid 20979:tid 20979] [client 104.207.59.23:40257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polishedspaservices.com"] [uri "/.env.local"] [unique_id "aZE6FIxMauDpuQ8aT7Y65AAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:56:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:56:52.111818 2026] [security2:error] [pid 16162:tid 16162] [client 104.207.59.23:55425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "networthbuilding.com"] [uri "/dev/.git/config"] [unique_id "aZEn5N6TE_np7cDxAG9gmAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:38:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:38:20.343394 2026] [security2:error] [pid 6834:tid 6834] [client 104.207.59.23:63143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pinkrays.com"] [uri "/.env.save"] [unique_id "aZEjjJTVUGDF25N5MuD4HAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:14:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:14:50.480034 2026] [security2:error] [pid 22295:tid 22295] [client 104.207.59.23:21183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rohn.com"] [uri "/site/.git/config"] [unique_id "aZEeCq9liX5JUJF-JFpTtwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:56:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:56:35.939088 2026] [security2:error] [pid 18796:tid 18796] [client 104.207.59.23:35167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photogreetingcardsonline.com"] [uri "/site/.git/config"] [unique_id "aZEZw8Vt6-BYhTuPJCt0zAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 209.38.120.71

🇳🇱 195.178.110.2

🇺🇸 172.172.180.124

🇸🇨 45.194.67.146

🇳🇱 45.148.10.141

🇸🇬 43.133.61.254

🇺🇸 8.228.95.32

🇰🇷 222.108.100.117

🇭🇰 150.109.119.38

🇸🇬 150.109.12.46

🇺🇸 104.28.213.40

🇬🇧 87.106.65.126

🇩🇪 69.5.169.200

🇳🇱 193.176.31.149

🇭🇷 185.203.18.54

🇨🇳 183.197.75.208

🇺🇸 150.107.38.40

🇺🇸 150.107.36.236

🇮🇳 122.176.122.24

🇨🇦 91.90.120.24