JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.253

104.207.59.253 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.253

Whois 104.207.59.253

IP Abuse Reports for 104.207.59.253:

This IP address has been reported a total of 128 times from 19 distinct sources. 104.207.59.253 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-15 12:18:38 (3 weeks ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-05-03 11:45:31 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-45.104.207.59.253.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-45.104.207.59.253.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇮🇹 [email protected]	2026-04-01 21:05:09 (2 months ago)	[Wed Apr 01 22:17:32.954163 2026] [authz_core:error] [pid 2432743:tid 2432846] [client 104.207.59.25 ... show more [Wed Apr 01 22:17:32.954163 2026] [authz_core:error] [pid 2432743:tid 2432846] [client 104.207.59.253:12851] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php, referer: http://wordpress.diegoweb.it/wp-login.php ... show less	Brute-Force Web App Attack
🇦🇱 cheatmaster.store	2026-02-27 01:36:01 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Canada Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇪🇸 10dencehispahard SL	2026-01-13 06:47:22 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-05 20:13:22 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-21 14:29:16 (5 months ago)	Attempted brute force login to web vpn 218 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 218 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:20:14 (5 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇭🇺 bcsaba	2025-12-11 04:46:54 (5 months ago)	Joomla spam 104.207.59.253 - - [11/Dec/2025:05:46:51 +0100] "GET /index.php?option=com_easyblog&view ... show more Joomla spam 104.207.59.253 - - [11/Dec/2025:05:46:51 +0100] "GET /index.php?option=com_easyblog&view=dashboard&layout=write HTTP/1.1" 404 789 "https://REDACTED" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:50:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:46.294020 2025] [security2:error] [pid 9712:tid 9712] [client 104.207.59.253:41019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegameforeverybody.computerian.net"] [uri "/.env"] [unique_id "aSQOGkw9LR3FXACxGNtqogAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:50:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:49:59.046430 2025] [security2:error] [pid 14246:tid 14246] [client 104.207.59.253:19339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.brychta.net"] [uri "/.svn/wc.db"] [unique_id "aSPj94ifMbs-jOXrHHQ-RgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:21:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:20:53.193538 2025] [security2:error] [pid 23649:tid 23649] [client 104.207.59.253:60549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.combustionlogic.com"] [uri "/.svn/wc.db"] [unique_id "aSPdJUudow9X7tjiqIsdhQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 12:34:58 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 16:55:50 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 20:39:36 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 89.21.67.141

🇲🇾 47.254.192.213

🇳🇱 192.42.116.62

🇲🇽 189.165.124.53

🇩🇪 165.22.17.57

🇸🇬 103.187.146.131

🇰🇪 102.211.145.51

🇪🇸 79.116.138.74

🇺🇸 74.209.100.246

🇺🇸 44.209.150.194

🇨🇳 27.18.75.77

🇨🇦 20.104.126.1

🇸🇬 8.219.212.31

🇩🇪 213.209.159.56

🇺🇦 194.12.81.97

🇳🇱 193.176.31.238

🇬🇧 185.245.83.63

🇩🇪 185.242.3.212

🇧🇷 179.177.201.154

🇩🇪 178.218.144.18