JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.230

104.207.59.230 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.230

Whois 104.207.59.230

IP Abuse Reports for 104.207.59.230:

This IP address has been reported a total of 138 times from 14 distinct sources. 104.207.59.230 was first reported on June 11th 2024, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-24 03:22:52 (6 hours ago)	Brute force	Brute-Force
🇫🇷 Sklurk	2026-06-16 00:29:09 (1 week ago)	Web App Attack	Web App Attack
🇧🇪 cmbplf	2026-04-10 21:35:11 (2 months ago)	2.167 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2025-12-30 19:17:09 (5 months ago)	suspicious request in access.log	Web App Attack
Anonymous	2025-12-21 13:22:20 (6 months ago)	Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:47:38 (6 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-11 05:16:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 00:16:45.405045 2025] [security2:error] [pid 6569:tid 6569] [client 104.207.59.230:48639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/.env"] [unique_id "aTpTvUBXNaf-m_0scT34lQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 02:09:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 21:09:18.882747 2025] [security2:error] [pid 31530:tid 31530] [client 104.207.59.230:9313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alejandrogorsse.com"] [uri "/.git/HEAD"] [unique_id "aTeEzljSUyDCpbKUbDyKTgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 05:28:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 00:28:05.269926 2025] [security2:error] [pid 18861:tid 18861] [client 104.207.59.230:26267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glassclublake.com"] [uri "/.git/HEAD"] [unique_id "aTZh5Vp0mRPyxpIKxdDlLAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:57:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:57:09.237861 2025] [security2:error] [pid 12366:tid 12366] [client 104.207.59.230:33457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lhhs69.org"] [uri "/.svn/wc.db"] [unique_id "aTWHtQC2x-67h9JoMcUuKwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:43:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:43:50.726105 2025] [security2:error] [pid 3930:tid 3930] [client 104.207.59.230:32681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "commonbridges.org"] [uri "/.svn/wc.db"] [unique_id "aTV2hqFAK45BblbJNHsP9QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:06:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:06:01.533175 2025] [security2:error] [pid 32602:tid 32602] [client 104.207.59.230:30233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howtogetcoolstuffforfree.com"] [uri "/.svn/wc.db"] [unique_id "aTMC6c-Hrb-uGlYhhtCuXQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:31:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:31:09.655494 2025] [security2:error] [pid 17928:tid 17928] [client 104.207.59.230:30161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genevaleasing.com"] [uri "/.env"] [unique_id "aTKKPWrx-4hSNqE8xlYsDQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:08:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:08:44.080619 2025] [security2:error] [pid 10220:tid 10220] [client 104.207.59.230:25993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "norbertesser.com"] [uri "/.svn/wc.db"] [unique_id "aTI-rIWb5zVxgOn4QMKQ_gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-19 18:33:12 (8 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1007::2b

🇺🇸 195.184.76.206

🇧🇬 193.24.211.107

🇯🇵 154.12.186.12

🇮🇩 103.47.132.72

🇩🇪 45.43.62.37

🇺🇸 35.150.154.39

🇨🇳 210.16.168.11

🇺🇸 192.3.16.60

🇨🇦 149.56.244.212

🇨🇦 144.217.157.36

🇰🇷 121.148.184.47

🇨🇳 106.75.185.227

🇳🇱 91.92.40.11

🇫🇷 85.217.140.9

🇺🇸 66.132.195.96

🇰🇷 58.231.243.152

🇬🇧 35.203.210.20

🇺🇸 20.98.140.180

🇺🇸 20.65.194.81