JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.129

104.207.33.129 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.129

Whois 104.207.33.129

IP Abuse Reports for 104.207.33.129:

This IP address has been reported a total of 140 times from 16 distinct sources. 104.207.33.129 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rdpguard.com	2026-05-25 06:57:46 (1 week ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇨🇭 4server	2026-04-06 16:41:38 (2 months ago)	[MonApr0618:41:36.1836172026][security2:error][pid446329:tid446342][client104.207.33.129:0]ModSecuri ... show more [MonApr0618:41:36.1836172026][security2:error][pid446329:tid446342][client104.207.33.129:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"200\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"www.giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"adPiQLaRuVrjR8BxlkrybwAAAEo\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:53:46 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:53:38.589254 2025] [security2:error] [pid 24833:tid 24833] [client 104.207.33.129:27763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/.svn/wc.db"] [unique_id "aVJBkjPvg5Pky2QW-XSbnQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:24:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:24:40.501522 2025] [security2:error] [pid 22883:tid 22883] [client 104.207.33.129:36633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturalhomebuilders.com"] [uri "/.git/HEAD"] [unique_id "aVIeqOHbGHtlYvzI3HxbTAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:50:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:50:42.707786 2025] [security2:error] [pid 8666:tid 8666] [client 104.207.33.129:54813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "turquoisetidestravel.com"] [uri "/.env"] [unique_id "aVIWsrcDrrAN69oes4yDIAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-12-04 07:16:49 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-29 09:15:43 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 08:39:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:39:47.008807 2025] [security2:error] [pid 13333:tid 13333] [client 104.207.33.129:19447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beetreelabs.com"] [uri "/.env"] [unique_id "aSQZ061XOcH1XqYP6lBvDwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:10:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:10:10.891130 2025] [security2:error] [pid 25105:tid 25138] [client 104.207.33.129:16381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.alred.net"] [uri "/.git/HEAD"] [unique_id "aSQS4sn5O4wpUvSPLAuVngAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:14:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:14:34.209879 2025] [security2:error] [pid 5605:tid 5605] [client 104.207.33.129:52279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "altoshp.com"] [uri "/.git/HEAD"] [unique_id "aSP3yrQ2LQflT74EPKHzjAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-23 23:43:47 (6 months ago)	Form spam	Web Spam
🇳🇱 i-turnradio.nl	2025-11-22 09:42:03 (6 months ago)	2025-11-22 @ 10:42:03 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇬🇧 relianoid.com	2025-11-17 23:57:54 (6 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-11-17 14:37:33 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.17 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 techboy117	2025-11-14 00:41:07 (6 months ago)	Blocking due to password spraying.	Brute-Force

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 123.49.60.158

🇨🇳 218.25.89.208

🇳🇱 176.65.139.31

🇭🇰 152.32.170.230

🇧🇬 79.124.62.178

🇺🇦 37.221.159.22

🇻🇪 190.6.32.107

🇺🇦 185.218.138.55

🇫🇮 178.20.210.152

🇨🇳 123.145.3.137

🇧🇩 103.148.74.80

🇳🇬 102.88.137.80

🇩🇪 78.111.67.238

🇺🇸 66.132.195.91

🇺🇸 34.63.156.105

🇪🇸 200.234.227.20

🇸🇬 188.166.246.68

🇳🇱 107.189.27.179

🇩🇪 84.233.195.162

🇩🇪 84.233.195.159