JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.243

104.207.59.243 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.243

Whois 104.207.59.243

IP Abuse Reports for 104.207.59.243:

This IP address has been reported a total of 126 times from 16 distinct sources. 104.207.59.243 was first reported on May 17th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-05-28 23:00:45 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇮🇹 [email protected]	2026-04-18 06:55:42 (1 month ago)	[Sat Apr 18 08:55:41.780345 2026] [authz_core:error] [pid 560720:tid 560796] [remote 104.207.59.243: ... show more [Sat Apr 18 08:55:41.780345 2026] [authz_core:error] [pid 560720:tid 560796] [remote 104.207.59.243:48695] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 Psycho Solutions LLC	2026-01-09 06:32:16 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 1/9/2026 6:32 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:04:39 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-30 10:20:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:20:28.085280 2025] [security2:error] [pid 4192050:tid 4192072] [client 104.207.59.243:50929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rawsynergy.com"] [uri "/.env"] [unique_id "aVOnbITQu8kSVmbMZUvBIwAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:27 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 BPS-StatisticsIndonesia	2025-12-26 03:56:30 (5 months ago)	WP Login Scan Activities	Web App Attack
🇳🇿 Antinson	2025-12-21 08:35:40 (5 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2025-12-17 16:25:20 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-09 15:31:54 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-05 12:55:15 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:57:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:57:10.473358 2025] [security2:error] [pid 25460:tid 25460] [client 104.207.59.243:58865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.amrtactical.com"] [uri "/.svn/wc.db"] [unique_id "aSbrFs-x_p08LWrItgNuuwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:37:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:37:37.220130 2025] [security2:error] [pid 16933:tid 16961] [client 104.207.59.243:26673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.seattlefamilydoula.com"] [uri "/.env"] [unique_id "aSagMW__nRv550N5ZrlGrAAAAVg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:48:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:48:32.112253 2025] [security2:error] [pid 13113:tid 13197] [client 104.207.59.243:45421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.pecanvalleyestates.net"] [uri "/.env"] [unique_id "aSaUsBhhwHzhmSuL6kjVXwAAAZg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 22:20:37 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 109.105.210.55

🇮🇳 34.93.241.217

🇰🇷 14.206.12.13

🇩🇪 213.209.159.235

🇧🇷 131.221.182.4

🇧🇷 129.121.39.181

🇨🇳 101.96.200.105

🇷🇺 94.180.250.11

🇲🇩 91.208.184.122

🇬🇧 35.203.211.240

🇺🇸 23.237.188.34

🇺🇦 217.196.174.3

🇺🇸 216.180.246.211

🇺🇸 216.180.246.108

🇫🇷 185.177.72.13

🇨🇦 172.105.16.147

🇹🇼 165.154.227.158

🇺🇸 143.198.239.107

🇭🇰 103.81.168.2

🇫🇷 91.231.89.10