JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.85

104.207.59.85 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 28%: ?

28%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.85

Whois 104.207.59.85

IP Abuse Reports for 104.207.59.85:

This IP address has been reported a total of 144 times from 19 distinct sources. 104.207.59.85 was first reported on June 5th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-05-31 17:45:02 (5 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-05-31 07:43:06 (5 days ago)	(y4) Failed scan -byebye- from 104.207.59.85 (CA/Canada/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-05-31 07:36:49 (5 days ago)	Brute-force general attack.	Brute-Force
🇲🇽 octageeks.com	2026-05-30 04:12:27 (6 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇱🇻 garmtech.com	2026-01-13 12:15:17 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-15.104.207.59.85.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-15.104.207.59.85.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 conseilgouz	2026-01-11 19:10:01 (4 months ago)	giw-Joomla User : try to access forms...	Hacking
🇺🇸 oncord	2025-12-26 16:57:34 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-09 23:45:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 18:45:00.735249 2025] [security2:error] [pid 21736:tid 21758] [client 104.207.59.85:14959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwcwelding.com"] [uri "/.git/HEAD"] [unique_id "aTi0fOfL1_yUW5l4bSya3QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 17:59:22 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 12:59:18.912182 2025] [security2:error] [pid 10667:tid 10667] [client 104.207.59.85:30519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geodogs.org"] [uri "/.git/HEAD"] [unique_id "aTXAdgArz06jWK9nX9R3QgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:02:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:02:06.911242 2025] [security2:error] [pid 7713:tid 7729] [client 104.207.59.85:60071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "360degreevalue.com"] [uri "/.svn/wc.db"] [unique_id "aTKfjo6pOcqyoC8r_gD9sQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:24:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:24:43.996027 2025] [security2:error] [pid 15706:tid 15706] [client 104.207.59.85:57731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iliketoruntoo.com"] [uri "/.git/HEAD"] [unique_id "aTJ6qzi31pp2k_oKIsSeQAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:48:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:48:16.607780 2025] [security2:error] [pid 28118:tid 28118] [client 104.207.59.85:17919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "godplusus.com"] [uri "/.env"] [unique_id "aTIr0FH-KPMOKau40jumVAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-12-01 15:32:03 (6 months ago)	(From [email protected]) Ready to improve purechirowellness.com’s search en ... show more (From [email protected]) Ready to improve purechirowellness.com’s search engine presence? Tap to begin: https://rb.gy/19b0ah show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-27 22:20:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:20:27.057951 2025] [security2:error] [pid 22071:tid 22071] [client 104.207.59.85:60405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humbliaslaw.com"] [uri "/.env"] [unique_id "aSjOqxFpYwPf--aSqqmPzgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-11-24 16:09:13 (6 months ago)	Form spam	Web Spam

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.90.61.239

🇲🇽 186.96.145.241

🇳🇱 185.223.235.16

🇰🇷 122.35.192.61

🇷🇴 80.94.92.184

🇳🇱 64.89.162.15

🇳🇱 45.148.10.183

🇮🇳 2409:408c:2792:5f26:f942:5719:c245:3097

🇧🇪 213.211.137.51

🇧🇷 205.210.31.221

🇧🇪 198.235.24.207

🇲🇰 188.44.20.31

🇧🇷 170.247.65.82

🇨🇳 106.75.33.247

🇧🇷 20.206.64.200

🇺🇸 205.210.31.83

🇦🇹 172.68.50.69

🇸🇪 171.25.158.82

🇺🇸 165.154.172.97

🇵🇪 161.132.38.88