JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.98

104.207.59.98 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.98

Whois 104.207.59.98

IP Abuse Reports for 104.207.59.98:

This IP address has been reported a total of 131 times from 18 distinct sources. 104.207.59.98 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-05-21 20:02:31 (2 weeks ago)	(wordpress) Failed wordpress login from 104.207.59.98 (CA/Canada/Ontario/Toronto/-/[redacted]): (CF ... show more (wordpress) Failed wordpress login from 104.207.59.98 (CA/Canada/Ontario/Toronto/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇩🇪 iNetWorker	2026-05-21 17:45:25 (2 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇪🇸 librebit	2026-03-06 06:58:13 (3 months ago)	Brute force	Brute-Force
🇵🇱 sefinek.net	2026-02-23 13:45:01 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 octageeks.com	2025-12-24 05:06:29 (5 months ago)	Wordpress malicious attack:[octawp]	Web App Attack
Anonymous	2025-12-21 11:02:31 (5 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:58:59 (5 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-12-13 04:00:10 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-12-09 09:45:48 (5 months ago)	wordpress-trap	Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:03:37 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:34:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:34:14.267473 2025] [security2:error] [pid 10619:tid 10717] [client 104.207.59.98:23061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.julianositalianrestaurant.com"] [uri "/.svn/wc.db"] [unique_id "aSVN5gXcnVrJOg7V-2KD5wAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:26:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:26:37.183420 2025] [security2:error] [pid 12251:tid 12251] [client 104.207.59.98:15599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edgewatertaxidermy.com"] [uri "/.env"] [unique_id "aSU-DUJsT65Q4lhVQlVpFgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:56:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:56:36.631741 2025] [security2:error] [pid 26181:tid 26181] [client 104.207.59.98:14377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fletcherdouglas.com"] [uri "/.git/HEAD"] [unique_id "aSU3BETG8QpvOjPuRtNDVwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:10:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:10:32.918705 2025] [security2:error] [pid 14922:tid 14922] [client 104.207.59.98:59297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kevinfranz.com"] [uri "/.git/HEAD"] [unique_id "aSUsOIheVxKnnrauP8WGXAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.68

🇧🇷 170.247.40.247

🇳🇱 160.119.71.12

🇦🇺 149.118.68.211

🇨🇳 113.218.223.175

🇧🇬 81.177.213.165

🇷🇴 80.94.92.187

🇫🇷 3.165.136.121

🇨🇳 1.94.214.157

🇬🇧 217.154.38.181

🇨🇴 186.146.235.58

🇨🇳 175.147.222.119

🇭🇰 152.32.132.28

🇨🇳 43.226.39.182

🇸🇴 197.231.202.201

🇲🇰 185.56.250.202

🇫🇷 181.215.94.6

🇺🇸 162.216.149.220

🇵🇪 161.132.50.236

🇺🇸 156.232.13.218