JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.95

104.207.59.95 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.95

Whois 104.207.59.95

IP Abuse Reports for 104.207.59.95:

This IP address has been reported a total of 129 times from 12 distinct sources. 104.207.59.95 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-04-05 00:41:29 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-11 16:06:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 11:06:03.885172 2026] [security2:error] [pid 3642:tid 3642] [client 104.207.59.95:58299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apwstl.com"] [uri "/app/.env"] [unique_id "aYyo6yh3HTmw64LkZwRU2gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:23:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:23:13.181530 2026] [security2:error] [pid 4086:tid 4086] [client 104.207.59.95:27389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mailperform.com"] [uri "/admin/.git/config"] [unique_id "aYrO0WLx9Uebi02qD3hNQgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:45:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:45:33.570667 2026] [security2:error] [pid 12746:tid 12797] [client 104.207.59.95:10729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idealcentralvac.com"] [uri "/app/.env"] [unique_id "aYq37S7qoT-4nEbOWPXrywAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:55:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:55:17.490560 2026] [security2:error] [pid 1163:tid 1163] [client 104.207.59.95:11535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-brochures.com"] [uri "/wp/.git/config"] [unique_id "aYqeFXD6mSYzNXCPfCD0ZwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:53:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:53:38.522731 2026] [security2:error] [pid 5082:tid 5082] [client 104.207.59.95:21885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madandproud.com"] [uri "/.env"] [unique_id "aYqPot_GeSBXzX31cwHPhwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:34:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:34:49.554317 2026] [security2:error] [pid 995:tid 995] [client 104.207.59.95:28741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khovanov.com"] [uri "/wp/.git/config"] [unique_id "aYqLOaU4QzYvYKJ81rmntgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:35:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:35:26.050437 2026] [security2:error] [pid 4023:tid 4023] [client 104.207.59.95:16605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/wp/.git/config"] [unique_id "aYp9ToBXt6-S6Oui1Sa1fgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:19:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:19:36.647810 2026] [security2:error] [pid 20251:tid 20251] [client 104.207.59.95:64631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotrodsandromance.com"] [uri "/site/.git/config"] [unique_id "aYpdeCjpraOi4xdJI6d2_QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 21:08:06 (4 months ago)	Blocking for trying to access an exploit file: /.env.save	Hacking
🇭🇺 bcsaba	2026-01-06 20:06:29 (5 months ago)	Joomla spam 104.207.59.95 - - [06/Jan/2026:21:06:26 +0100] "GET /index.php?option=com_easyblog&view= ... show more Joomla spam 104.207.59.95 - - [06/Jan/2026:21:06:26 +0100] "GET /index.php?option=com_easyblog&view=dashboard&layout=write HTTP/1.1" 404 789 "https://REDACTED" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:57 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-21 12:54:38 (5 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.12.21 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 15:22:17 (5 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.12.19 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 01:48:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:48:34.984811 2025] [security2:error] [pid 12047:tid 12047] [client 104.207.59.95:46055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cymbelescircles.com"] [uri "/.git/HEAD"] [unique_id "aTjRcrUe3YdXVa2s6BsLYQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.104

🇺🇸 66.132.186.203

🇺🇸 207.241.173.57

🇳🇱 206.223.236.181

🇻🇪 201.249.193.193

🇸🇦 188.52.186.206

🇨🇷 186.26.124.123

🇮🇳 106.222.219.110

🇺🇸 68.220.212.106

🇺🇸 64.62.156.24

🇹🇭 58.136.6.88

🇺🇸 17.22.237.150

🇹🇼 198.235.24.56

🇺🇸 152.32.235.206

🇫🇮 147.185.133.5

🇨🇳 121.227.152.250

🇺🇸 72.253.251.3

🇺🇸 45.61.187.176

🇩🇪 43.165.2.110

🇺🇸 18.220.167.202