JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.238

104.207.59.238 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.238

Whois 104.207.59.238

IP Abuse Reports for 104.207.59.238:

This IP address has been reported a total of 135 times from 20 distinct sources. 104.207.59.238 was first reported on June 7th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-02-15 12:50:28 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:39:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:38:54.854356 2026] [security2:error] [pid 14397:tid 14397] [client 104.207.59.238:58901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tmcenvironment.com"] [uri "/backend/.env"] [unique_id "aZG-XlNxEoxBlHGbNs4uQAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:08:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:08:15.179579 2026] [security2:error] [pid 11963:tid 11963] [client 104.207.59.238:28205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tiln.org"] [uri "/.env.save"] [unique_id "aZG3L8YSNmyC54_L1yvr8gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Moby	2026-02-15 12:06:22 (4 months ago)	104.207.59.238 - - [15/Feb/2026:06:06:10 -0600] "GET /wp/.git/config HTTP/1.1" 404 984 "-" "Mozilla/ ... show more 104.207.59.238 - - [15/Feb/2026:06:06:10 -0600] "GET /wp/.git/config HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "75.88.18.218" "techspace.cc" 104.207.59.238 - - [15/Feb/2026:06:06:16 -0600] "GET /test/.git/config HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "75.88.18.218" "techspace.cc" 104.207.59.238 - - [15/Feb/2026:06:06:21 -0600] "GET /app/.git/config HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "75.88.18.218" "techspace.cc" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:35:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:35:48.150816 2026] [security2:error] [pid 31770:tid 31770] [client 104.207.59.238:63929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinkerblox.com"] [uri "/test/.git/config"] [unique_id "aZGvlHAllcgAX8yYuKCIsgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:25:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:25:40.212162 2026] [security2:error] [pid 22107:tid 22144] [client 104.207.59.238:38823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stateabbreviationlist.com"] [uri "/api/.env"] [unique_id "aZE8tFijoqwdMHNAObPmdAAAAcQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:09:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:09:50.251340 2026] [security2:error] [pid 3669:tid 3669] [client 104.207.59.238:15115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stainedglass.ab.ca"] [uri "/app/.env"] [unique_id "aZE4_gO7etRNVDUcEPFUewAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:33 (4 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇮🇩 Burayot	2026-02-15 02:47:05 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.238 (CA/Canada/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.59.238 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:37:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:37:45.958984 2026] [security2:error] [pid 23287:tid 23342] [client 104.207.59.238:57787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n5brg.com"] [uri "/config/.env"] [unique_id "aZExeY6jtjP5LgwlR2nP1wAAAdU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:19:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:19:00.793575 2026] [security2:error] [pid 8658:tid 8658] [client 104.207.59.238:27023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lynnsmetkodesigns.com"] [uri "/.env"] [unique_id "aZEfBMNvGEJoCcdGpgLY_QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2026-02-15 00:30:08 (4 months ago)	C1: Web Attack GET /admin/.git/config	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:02:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:01:52.416349 2026] [security2:error] [pid 886430:tid 886430] [client 104.207.59.238:58637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisaslearningland.com"] [uri "/.git/config"] [unique_id "aZD-4KR_EYOfHaW-pCWmlgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:38:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:38:27.359104 2026] [security2:error] [pid 26119:tid 26119] [client 104.207.59.238:29129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "monteriggioni.net"] [uri "/test/.git/config"] [unique_id "aZD5Yw5rZuUur7WHFx8hLgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:19:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:19:22.625010 2026] [security2:error] [pid 15317:tid 15317] [client 104.207.59.238:57233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mollins.com"] [uri "/site/.git/config"] [unique_id "aZD06ujaWyqX73B_gpPoRgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.224.29

🇧🇪 207.175.96.249

🇦🇹 185.4.121.161

🇮🇩 182.253.163.133

🇺🇸 172.212.200.29

🇻🇳 161.248.179.24

🇵🇱 151.115.48.199

🇧🇬 146.70.245.137

🇳🇱 91.92.40.240

🇱🇻 81.30.98.158

🇫🇷 77.32.148.247

🇺🇸 74.7.227.172

🇺🇸 66.132.172.214

🇨🇳 61.175.190.222

🇺🇸 52.177.169.196

🇸🇪 52.103.35.85

🇸🇨 45.194.67.29

🇳🇱 45.148.10.152

🇳🇱 45.142.193.131

🇨🇦 23.236.202.106