JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.242

104.207.59.242 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.242

Whois 104.207.59.242

IP Abuse Reports for 104.207.59.242:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.59.242 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ut-addicted.com	2026-05-29 16:31:55 (1 week ago)	\[Fri May 29 18:31:53.143067 2026\] \[:error\] \[pid 25666:tid 139785832212224\] \[client 104.207.59 ... show more \[Fri May 29 18:31:53.143067 2026\] \[:error\] \[pid 25666:tid 139785832212224\] \[client 104.207.59.242:45359\] \[client 104.207.59.242\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "www.ut-addicted.com"\] \[uri "/.env"\] \[unique_id "ahm-eWR6xpTc97Tu30rKsQAAAMc"\] show less	Brute-Force Web App Attack
🇨🇭 Origon	2026-02-15 12:24:21 (3 months ago)	http-sensitive-files - IP: 104.207.59.242 - time="2026-02-15T13:24:21+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.59.242 - time="2026-02-15T13:24:21+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.59.242 (CA/200373) : 4h ban on Ip 104.207.59.242" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:06:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:05:57.658664 2026] [security2:error] [pid 30463:tid 30463] [client 104.207.59.242:49781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tijuana-bibles.com"] [uri "/app/.env"] [unique_id "aZG2pVToxHsMWYs46wNmPAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:42:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:42:49.844901 2026] [security2:error] [pid 533050:tid 533091] [client 104.207.59.242:35189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thompsonhypnotherapy.com"] [uri "/admin/.env"] [unique_id "aZGxOfu9GH2lWmEaqyBrqQAAAcg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:18:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:18:25.048568 2026] [security2:error] [pid 6978:tid 6978] [client 104.207.59.242:47961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superiorhandyman.net"] [uri "/.env"] [unique_id "aZFXIerUMkv2RVcGTPdx1QAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-15 04:48:41 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /api/.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:46:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:46:49.878016 2026] [security2:error] [pid 6653:tid 6653] [client 104.207.59.242:61833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sublimationconsultants.com"] [uri "/.git/config"] [unique_id "aZFPuf6Ig1UegrFzMsWNmwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:25:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:25:02.274098 2026] [security2:error] [pid 9087:tid 9087] [client 104.207.59.242:54105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stringview.com"] [uri "/v2/.git/config"] [unique_id "aZFKnpuCwWex9TPlLMxsFAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:58:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:58:31.253727 2026] [security2:error] [pid 1237:tid 1237] [client 104.207.59.242:13519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stlouisdave.com"] [uri "/admin/.env"] [unique_id "aZFEZ_Fz96F1zJR_8DRsLAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 03:49:03 (3 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 TPI-Abuse	2026-02-15 02:26:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:26:08.966629 2026] [security2:error] [pid 21392:tid 21392] [client 104.207.59.242:62465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spicerreport.com"] [uri "/.env.local"] [unique_id "aZEuwA-b19pI8HrjzB_0xwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-15 01:26:32 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:52:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:51:54.644193 2026] [security2:error] [pid 19161:tid 19161] [client 104.207.59.242:55055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrgutierrezshow.com"] [uri "/frontend/.env"] [unique_id "aZEYqgdCqtyBV48L450oCQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:06:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:06:26.079004 2026] [security2:error] [pid 26773:tid 26773] [client 104.207.59.242:30689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lopansri.com"] [uri "/.env.staging"] [unique_id "aZEOAuS616bsL_oXj5mhvwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:05:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:05:31.953454 2026] [security2:error] [pid 31534:tid 31534] [client 104.207.59.242:60449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "literarylights.com"] [uri "/frontend/.env"] [unique_id "aZD_u-PxNOgEeOkbDmX-wwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.165.184.5

🇧🇷 177.30.64.65

🇭🇰 101.36.111.155

🇨🇳 58.242.190.39

🇱🇹 45.227.254.170

🇨🇳 220.154.140.199

🇸🇬 218.212.131.123

🇨🇳 218.202.112.10

🇬🇧 198.244.240.57

🇪🇹 196.189.126.185

🇨🇱 170.82.129.8

🇹🇭 150.95.82.21

🇫🇮 130.49.79.169

🇨🇳 120.246.123.50

🇨🇳 106.38.205.224

🇮🇩 103.101.216.219

🇵🇱 57.128.237.234

🇰🇷 218.156.93.206

🇨🇳 218.26.205.154

🇲🇾 180.75.45.191