JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.135

104.207.33.135 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.135

Whois 104.207.33.135

IP Abuse Reports for 104.207.33.135:

This IP address has been reported a total of 138 times from 25 distinct sources. 104.207.33.135 was first reported on July 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-04-22 09:00:07 (1 month ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇦🇺 MAGIC	2026-03-14 03:18:04 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 mind5t0rm	2026-03-02 20:35:02 (3 months ago)	(WPLOGIN) WP Login Attack 104.207.33.135 (US/United States/-): 3 in the last 3600 secs; Ports: ; Di ... show more (WPLOGIN) WP Login Attack 104.207.33.135 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.33.135 - - [03/Mar/2026:03:34:34 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2454 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 104.207.33.135 - - [03/Mar/2026:03:34:35 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 104.207.33.135 - - [03/Mar/2026:03:34:59 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.zerowaterthailand.com%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 2455 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇺🇸 windowsforum	2026-02-24 06:29:22 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=StarSowers	Web Spam Bad Web Bot
🇫🇷 Jean Valjean	2025-12-30 18:44:31 (5 months ago)	Fail2ban Caboom : xmlrpc.php Abuse	SQL Injection Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:08 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-10 22:34:19 (6 months ago)	botnet	DDoS Attack
🇬🇧 SecondEdge	2025-12-04 11:32:30 (6 months ago)	A web attack was detected from 104.207.33.135 (China) against second-edge.co.uk (AWS Credentials Pro ... show more A web attack was detected from 104.207.33.135 (China) against second-edge.co.uk (AWS Credentials Probe). show less	Web App Attack
🇩🇪 iNetWorker	2025-11-24 09:26:35 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:22:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:22:23.397394 2025] [security2:error] [pid 4720:tid 4720] [client 104.207.33.135:56669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banyonsbookdoctor.com"] [uri "/.git/HEAD"] [unique_id "aSQVv_nhFnMhOkqCPhcWoAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:42:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:41:55.531223 2025] [security2:error] [pid 1616:tid 1616] [client 104.207.33.135:20833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.volollc.com"] [uri "/.svn/wc.db"] [unique_id "aSQMQyJ84LG0wBzZhz6RYQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:08:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:08:37.584837 2025] [security2:error] [pid 31110:tid 31110] [client 104.207.33.135:60903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bostonlog.com"] [uri "/.git/HEAD"] [unique_id "aSPoVT4fDdF6wkbqIm6TOgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 02:54:34 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-29 06:07:17 (7 months ago)	GlobalProtect login attempts with user bmallia.	VPN IP Brute-Force
🇫🇷 dynamix	2025-10-16 13:12:01 (7 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.71.93.117

🇺🇸 173.244.60.155

🇦🇷 170.210.136.58

🇩🇪 161.35.28.29

🇯🇵 118.194.229.94

🇮🇪 54.171.118.55

🇨🇱 34.176.163.28

🇨🇳 14.29.214.161

🇪🇹 196.189.237.172

🇬🇧 185.247.137.152

🇮🇶 169.224.14.99

🇮🇳 160.187.48.103

🇸🇬 148.66.142.9

🇰🇭 119.15.87.78

🇨🇳 112.66.9.240

🇰🇪 105.164.128.161

🇩🇿 105.111.181.155

🇺🇸 98.179.217.254

🇮🇹 93.42.210.150

🇺🇸 45.92.229.10