JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.43

104.207.59.43 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.43

Whois 104.207.59.43

IP Abuse Reports for 104.207.59.43:

This IP address has been reported a total of 146 times from 23 distinct sources. 104.207.59.43 was first reported on June 13th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-03 13:31:10 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 Psycho Solutions LLC	2025-12-29 20:44:52 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/29/2025 8:44 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:54 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 BPS-StatisticsIndonesia	2025-12-20 03:27:47 (5 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-11-27 13:32:17 (6 months ago)	Attempted brute force login to web vpn 1153 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 1153 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇨🇳 ThreatBook.io	2025-11-27 03:25:43 (6 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.59.43 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.59.43 2025-11-26 19:30:23 /.git/HEAD show less	Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-26 08:25:09 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 08:17:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:17:14.100856 2025] [security2:error] [pid 6375:tid 6375] [client 104.207.59.43:20801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fgrotary.org"] [uri "/.svn/wc.db"] [unique_id "aSa3ipiU62AAmWNnja8w7AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:29:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:29:49.987252 2025] [security2:error] [pid 32164:tid 32164] [client 104.207.59.43:9621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.carl-fink.name"] [uri "/.git/HEAD"] [unique_id "aSUirVtuc1qo_59OLipGBwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:44:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:28:38.980321 2025] [security2:error] [pid 30838:tid 30838] [client 104.207.59.43:40979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.christopherspizza.net"] [uri "/.svn/wc.db"] [unique_id "aST4NjCzoIBLH5pHpra8uQAAAHg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:45:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:44:56.213934 2025] [security2:error] [pid 32100:tid 32100] [client 104.207.59.43:52051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ilovecoffeegroup.com"] [uri "/.svn/wc.db"] [unique_id "aSQbCMRILQGndz4-m7rQoQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:12:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:12:06.730863 2025] [security2:error] [pid 31253:tid 31253] [client 104.207.59.43:18755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.mvscouts.org"] [uri "/.git/HEAD"] [unique_id "aSQTVkBUf3QEMdO87v3IjwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 22:57:58 (6 months ago)	Attempted brute force login to web vpn 324 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 324 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
🇪🇸 el-brujo	2025-11-15 03:15:50 (6 months ago)	Cloudflare WAF: Request Path: /admin Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /admin Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: DREI-K-TECH-GMBH Country: CA Method: GET Timestamp: 2025-11-15T03:15:50Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2025-11-15 03:15:40 (6 months ago)	[Sat Nov 15 04:15:38.665539 2025] [proxy_fcgi:error] [pid 4176471:tid 4177094] [remote 104.207.59.43 ... show more [Sat Nov 15 04:15:38.665539 2025] [proxy_fcgi:error] [pid 4176471:tid 4177094] [remote 104.207.59.43:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Sat Nov 15 04:15:40.232930 2025] [proxy_fcgi:error] [pid 4176471:tid 4176546] [remote 104.207.59.43:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.178.158

🇨🇳 180.76.143.153

🇮🇳 103.162.157.22

🇺🇸 13.59.10.221

🇳🇱 5.255.123.222

🇺🇸 4.246.61.185

🇨🇳 220.197.78.230

🇺🇸 216.172.190.116

🇵🇪 161.132.38.234

🇳🇱 144.124.244.26

🇰🇷 121.185.89.74

🇨🇳 81.70.194.162

🇩🇪 64.226.107.125

🇺🇸 45.79.207.111

🇬🇧 35.203.211.31

🇹🇭 1.0.143.71

🇰🇷 218.51.148.194

🇺🇸 205.210.31.105

🇩🇪 194.36.88.178

🇦🇱 185.221.253.208