JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.13

104.207.33.13 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.13

Whois 104.207.33.13

IP Abuse Reports for 104.207.33.13:

This IP address has been reported a total of 135 times from 32 distinct sources. 104.207.33.13 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-04-08 02:17:04 (2 months ago)	Form spam	Web Spam
🇺🇸 mind5t0rm	2026-03-30 12:41:30 (2 months ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 104.207.33.13 (US/United States/-): 3 in the last 3600 s ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 104.207.33.13 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.33.13 - - [30/Mar/2026:19:40:56 +0700] "GET /wp-login.php HTTP/2.0" 200 2513 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 104.207.33.13 - - [30/Mar/2026:19:40:59 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 104.207.33.13 - - [30/Mar/2026:19:41:27 +0700] "GET /wp-login.php HTTP/2.0" 200 2513 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇺🇸 mnsf	2026-03-27 03:05:37 (2 months ago)	Too many Status 40X (11) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-03-27 00:34:06 (2 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
Anonymous	2026-03-26 08:16:33 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 Mundo Bueno	2026-03-24 00:50:03 (2 months ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: US \| UA: PHP/7.3.41	Hacking Web App Attack
🇩🇪 Hugopvigo	2026-02-22 12:06:46 (3 months ago)	104.207.33.13 - - [22/Feb/2026:13:06:46 +0100] "GET /.git/config HTTP/1.1" 403 495 "-" "Mozilla/5.0 ... show more 104.207.33.13 - - [22/Feb/2026:13:06:46 +0100] "GET /.git/config HTTP/1.1" 403 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Brute-Force Web App Attack SSH
🇺🇸 WizardsToolkit	2026-02-20 14:14:35 (3 months ago)	tried to access forbidden files; attempted to access /wtk/contactUs.php	Web App Attack
🇺🇸 oncord	2026-02-15 20:43:00 (3 months ago)	Form spam	Web Spam
🇳🇱 homeshowdomain.nl	2026-02-13 22:59:41 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-13	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-13 12:54:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:54:30.434849 2026] [security2:error] [pid 20597:tid 20597] [client 104.207.33.13:51553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midwayisland.com"] [uri "/admin/.env"] [unique_id "aY8fBsiL6LczHpFq1hcA5QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:24:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:24:39.702162 2026] [security2:error] [pid 21719:tid 21719] [client 104.207.33.13:44827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ladbc.club"] [uri "/admin/.env"] [unique_id "aY7fx1h2D6fufSxSUatOAwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:00:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:00:01.994644 2026] [security2:error] [pid 9507:tid 9507] [client 104.207.33.13:59889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "melsjukeboxes.com"] [uri "/backend/.env"] [unique_id "aY7aASfgvnloM_5JnleXXgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:12:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:12:18.229093 2026] [security2:error] [pid 9855:tid 9855] [client 104.207.33.13:45493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medpact.net"] [uri "/api/.git/config"] [unique_id "aY7O0vyUTn0JM3V0BHzgKwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-02-13 06:09:37 (3 months ago)	Probing websites for vulnerabilities	SQL Injection Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 14.177.234.24

🇦🇷 190.181.101.182

🇲🇽 187.212.10.12

🇺🇸 172.253.218.221

🇨🇳 111.26.67.36

🇱🇹 77.90.185.238

🇨🇳 39.144.229.133

🇧🇷 177.159.150.111

🇨🇳 117.62.22.127

🇺🇸 107.167.34.125

🇺🇸 104.168.133.168

🇺🇸 71.229.1.186

🇺🇸 43.130.16.140

🇦🇪 5.38.44.123

🇨🇳 218.29.196.162

🇪🇹 196.189.51.64

🇮🇳 182.95.217.202

🇸🇪 146.247.233.62

🇳🇱 85.11.167.49

🇨🇳 58.247.139.54