JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.241

104.207.59.241 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.241

Whois 104.207.59.241

IP Abuse Reports for 104.207.59.241:

This IP address has been reported a total of 143 times from 26 distinct sources. 104.207.59.241 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-28 23:05:14 (3 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-05-24 01:05:19 (4 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:36:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:36:40.780616 2026] [security2:error] [pid 23375:tid 23375] [client 104.207.59.241:36607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/.env.production"] [unique_id "aZaFSLAR4K-65zZAJnBKpwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 clapper	2026-02-19 00:53:48 (4 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.59.241 (CA/Canada/-): 5 in the last 360 ... show more (mod_security) mod_security (id:949110) triggered by 104.207.59.241 (CA/Canada/-): 5 in the last 3600 secs; ID: rub show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-18 20:31:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:31:23.368769 2026] [security2:error] [pid 1410566:tid 1410586] [client 104.207.59.241:29791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tributetoalice.com"] [uri "/api/.env"] [unique_id "aZYhm4d2z3vZtzTY7F2TfwAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:17:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:17:16.795126 2026] [security2:error] [pid 562:tid 562] [client 104.207.59.241:45889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title41.com"] [uri "/.env"] [unique_id "aZYQPCWdcB4xlR_HXgixugAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:07:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:06:55.163705 2026] [security2:error] [pid 13653:tid 13653] [client 104.207.59.241:47255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whitelabelcasinoportal.net"] [uri "/api/.env"] [unique_id "aZW5bxNP5usNk_M-Jb1TxgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-08 01:57:20 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇭 backslash	2025-12-30 21:20:01 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 8legz.net	2025-12-30 15:06:58 (5 months ago)	[Tue Dec 30 15:06:56.744137 2025] [php:error] [pid 687509] [client 104.207.59.241:25111] script '/va ... show more [Tue Dec 30 15:06:56.744137 2025] [php:error] [pid 687509] [client 104.207.59.241:25111] script '/var/www/html/xmlrpc.php' not found or unable to stat [Tue Dec 30 15:06:57.419309 2025] [php:error] [pid 686976] [client 104.207.59.241:53663] script '/var/www/html/xmlrpc.php' not found or unable to stat [Tue Dec 30 15:06:58.157368 2025] [php:error] [pid 686975] [client 104.207.59.241:21469] script '/var/www/html/xmlrpc.php' not found or unable to stat ... show less	Brute-Force
🇵🇱 sefinek.net	2025-12-29 16:09:16 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-27 13:47:47 (6 months ago)	Attempted brute force login to web vpn 2209 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2209 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 09:14:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:14:16.078372 2025] [security2:error] [pid 27436:tid 27462] [client 104.207.59.241:53441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "birdhousefarms.com"] [uri "/.git/HEAD"] [unique_id "aSQh6C11ccQ7B_U6FGSPngAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:19:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:19:06.415248 2025] [security2:error] [pid 29949:tid 29949] [client 104.207.59.241:48551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bnaiisraelkearny.com"] [uri "/.env"] [unique_id "aSQU-sBu46E7OkvvWGr60QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:31:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:31:10.806101 2025] [security2:error] [pid 4332:tid 4332] [client 104.207.59.241:23215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rkhindustries.com"] [uri "/.svn/wc.db"] [unique_id "aSPfjsPCcvX7PNDHnuBU2QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 64.226.87.152

🇮🇳 49.47.217.77

🇩🇪 206.81.19.245

🇪🇨 205.235.2.176

🇩🇪 167.94.145.19

🇺🇸 153.66.28.132

🇮🇹 79.1.212.242

🇺🇸 2607:f8b0:4001:c0a::12d

🇦🇷 190.11.189.225

🇺🇦 188.163.32.111

🇲🇽 187.191.48.23

🇳🇱 185.226.197.63

🇰🇷 175.118.127.138

🇺🇸 173.44.180.41

🇵🇰 154.208.47.195

🇰🇷 140.238.9.246

🇩🇪 92.206.254.28

🇻🇪 82.86.108.182

🇺🇸 64.62.156.183

🇳🇱 45.148.10.157