JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.59.66

104.207.59.66 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.59.66

Whois 104.207.59.66

IP Abuse Reports for 104.207.59.66:

This IP address has been reported a total of 121 times from 14 distinct sources. 104.207.59.66 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-05-23 04:38:50 (1 week ago)	Wordpress login attempts	Brute-Force
🇩🇪 4server	2026-04-21 13:07:44 (1 month ago)	[TueApr2115:07:42.2069262026][security2:error][pid3025243:tid3025353][client104.207.59.66:0]ModSecur ... show more [TueApr2115:07:42.2069262026][security2:error][pid3025243:tid3025353][client104.207.59.66:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"elyon2.ch\"][uri\"/mysql.sql\"][unique_id\"aed2nmR1Z2zCLsvvYp9mDgAAAFg\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 WizardsToolkit	2026-04-20 14:58:35 (1 month ago)	attempted to access /mysql.sql	Web App Attack
🇩🇪 bescared	2026-04-19 07:52:00 (1 month ago)	Malicious activity detected: URL probing.	Bad Web Bot Web App Attack Hacking
🇪🇸 10dencehispahard SL	2026-01-28 05:31:37 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-24 05:27:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:27:12.051919 2025] [security2:error] [pid 17826:tid 17826] [client 104.207.59.66:53591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.agapeaccounting.com"] [uri "/.svn/wc.db"] [unique_id "aSPssEZIePl_GWMoYinITgAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:53:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:53:13.915157 2025] [security2:error] [pid 2805:tid 2805] [client 104.207.59.66:29127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.musicalmuses.com"] [uri "/.git/HEAD"] [unique_id "aSPkuf1GZe8aJeC4yBvFaAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:30:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.59.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:30:49.833040 2025] [security2:error] [pid 14240:tid 14240] [client 104.207.59.66:29657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mcginleyclan.com"] [uri "/.env"] [unique_id "aSPfeVWATLqCrArtTsFboQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-11 07:29:43 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 20:28:55 (7 months ago)	Attempted brute force login to web vpn 198 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 198 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 12:40:14 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.09 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 21:56:30 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.08 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-07 22:12:06 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.07 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
🇨🇿 lp	2025-09-30 12:21:25 (8 months ago)	SSH Brute force: 1 attempts were recorded from 104.207.59.66 2025-09-30T14:05:57+02:00 Invalid user ... show more SSH Brute force: 1 attempts were recorded from 104.207.59.66 2025-09-30T14:05:57+02:00 Invalid user admin from 104.207.59.66 port 17153 show less	Brute-Force SSH
Anonymous	2025-04-07 12:39:35 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇪 2a05:d018:10df:d401:f8e9:c4fb:baac:c9b5

🇺🇸 147.185.132.147

🇺🇸 147.185.132.69

🇳🇱 45.148.10.183

🇺🇸 20.62.194.227

🇳🇱 2001:67c:e60:c0c:192:42:116:117

🇭🇰 199.45.155.94

🇲🇽 189.174.126.195

🇫🇮 172.217.37.148

🇳🇱 172.71.99.230

🇳🇬 165.154.11.225

🇭🇰 159.138.134.148

🇸🇬 158.178.243.5

🇨🇦 142.44.232.37

🇫🇷 91.231.89.43

🇨🇿 91.224.90.50

🇺🇸 66.132.172.206

🇨🇭 45.143.200.246

🇬🇧 45.137.126.36

🇺🇸 43.153.30.106