JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.119

104.207.33.119 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.119

Whois 104.207.33.119

IP Abuse Reports for 104.207.33.119:

This IP address has been reported a total of 135 times from 16 distinct sources. 104.207.33.119 was first reported on June 6th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Baking333	2026-06-06 13:35:27 (4 days ago)	[redacted] 104.207.33.119 - - [06/Jun/2026:14:35:26 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 3 ... show more [redacted] 104.207.33.119 - - [06/Jun/2026:14:35:26 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 302 5278 0/55092 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 104.207.33.119 - - [06/Jun/2026:14:35:26 +0100] "GET //[redacted]?rsd HTTP/1.1" 302 1549 0/57923 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-28 11:28:53 (1 week ago)	2.388 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-08 14:16:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 09:16:16.989816 2026] [security2:error] [pid 5529:tid 5529] [client 104.207.33.119:28223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flydarkestdays.com"] [uri "/.git/HEAD"] [unique_id "aV-8MIOKakeosADc-R0ihAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 18:31:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 13:30:44.854462 2025] [security2:error] [pid 10976:tid 10976] [client 104.207.33.119:11383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.patrickodougherty.com"] [uri "/.svn/wc.db"] [unique_id "aVQaVBF4cSXeJiTfeEH74AAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:17:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:17:13.655775 2025] [security2:error] [pid 1475:tid 1475] [client 104.207.33.119:50387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salonpurelodi.com"] [uri "/.svn/wc.db"] [unique_id "aVIc6as7TiJHnpza73CZvgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:43:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:43:29.556883 2025] [security2:error] [pid 22810:tid 22810] [client 104.207.33.119:56965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "legalnexuslawfirm.com"] [uri "/.svn/wc.db"] [unique_id "aVIVAXfLLHALyZU9OoVV1wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:44:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:43:55.548934 2025] [security2:error] [pid 12172:tid 12172] [client 104.207.33.119:34797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livinghomegrown.com"] [uri "/.env"] [unique_id "aVH4-7aegR49pfoN2sY3tQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-12-04 19:25:15 (6 months ago)	(From [email protected]) Hello, Greetings from United Electrical Contractors. ... show more (From [email protected]) Hello, Greetings from United Electrical Contractors. After reviewing your services, we are interested in sourcing materials/services from your organization for an upcoming project. I am reaching out to confirm your company’s current capacity, as we have a project scheduled to begin soon. Please provide a quotation for your services so we can continue with our planning. Additionally, kindly review the attached document and let us know if you have any questions or updates regarding feasibility or capabilities. We are ready to proceed once we receive your feedback. Regards, Mckee Sean show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-28 20:01:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 15:01:34.882424 2025] [security2:error] [pid 26299:tid 26299] [client 104.207.33.119:21959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aapm.racing"] [uri "/.env.production"] [unique_id "aSn_nhhANz3bIt4mXq8aYwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 12:55:50 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 11:02:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:02:51.581443 2025] [security2:error] [pid 27856:tid 27856] [client 104.207.33.119:60605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.walterjhoodco.com"] [uri "/.svn/wc.db"] [unique_id "aSbeW3HqhuiqG7GEqvuRTwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:28:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:28:16.646531 2025] [security2:error] [pid 12560:tid 12560] [client 104.207.33.119:35979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.oakvillenaturopathicclinic.com"] [uri "/.svn/wc.db"] [unique_id "aSZlwJKjXTtDPHszXs8jawAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 06:25:07 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 12:34:18 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 05:36:17 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 193.164.155.103

🇮🇩 182.253.156.184

🇺🇸 162.216.149.138

🇸🇾 82.100.175.31

🇳🇱 45.148.10.152

🇬🇧 35.203.211.180

🇺🇿 213.230.92.67

🇧🇷 201.77.124.248

🇦🇷 186.158.239.150

🇺🇸 185.198.240.112

🇮🇷 185.126.200.110

🇧🇷 177.192.21.57

🇺🇦 176.122.127.159

🇺🇸 172.239.71.244

🇻🇳 171.244.142.205

🇧🇩 161.248.205.129

🇵🇰 103.191.119.216

🇰🇿 95.141.133.242

🇳🇱 91.92.42.120

🇮🇷 85.133.193.72