JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.143

104.207.33.143 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.143

Whois 104.207.33.143

IP Abuse Reports for 104.207.33.143:

This IP address has been reported a total of 134 times from 15 distinct sources. 104.207.33.143 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-05-31 10:28:04 (3 weeks ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇨🇿 ddw	2026-05-31 04:42:58 (3 weeks ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇲🇹 Malta	2026-05-26 02:35:06 (4 weeks ago)	104.207.33.143 - - [26/May/2026:04:35:06 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 104.207.33.143 - - [26/May/2026:04:35:06 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" show less	Hacking Web App Attack VPN IP
🇫🇷 masterguru	2026-04-06 01:03:45 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.33.143 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.33.143 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-03-30 06:06:45 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-03-27 11:12:50 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-03-27 11:10:44 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.33.143 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.33.143 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2026-03-21 11:04:11 (3 months ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-03-15 16:59:10 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 06:27:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 01:27:11.036503 2026] [security2:error] [pid 22593:tid 22593] [client 104.207.33.143:41117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artsun.com"] [uri "/api/.env"] [unique_id "aY1yv5T6AGjzwX1ZO6YgSwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:09:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:08:54.567562 2026] [security2:error] [pid 4317:tid 4317] [client 104.207.33.143:16421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arresteddevelopmentinsight.com"] [uri "/app/.env"] [unique_id "aY02NjsVbIA8OHWiQcZ1cAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 00:37:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 19:37:26.885755 2026] [security2:error] [pid 25896:tid 25896] [client 104.207.33.143:46477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10mostwantedfugitives.net"] [uri "/config/.env"] [unique_id "aY0gxomgKev2NGO38f3lAgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-11 22:14:07 (4 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:01:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:01:10.722134 2026] [security2:error] [pid 12883:tid 12883] [client 104.207.33.143:29873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmelson.com"] [uri "/.env.local"] [unique_id "aYq7lqiwXkynlgnsZvZ-5gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:41:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:41:42.708872 2026] [security2:error] [pid 18165:tid 18165] [client 104.207.33.143:50299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibermar.info"] [uri "/admin/.git/config"] [unique_id "aYqo9gRv3slO2p6G7iipeQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 217.168.240.63

🇹🇼 198.235.24.15

🇳🇱 176.65.139.248

🇧🇷 164.152.250.192

🇳🇱 158.94.211.207

🇳🇱 91.92.40.47

🇨🇳 36.133.130.103

🇬🇧 35.203.211.192

🇰🇷 1.222.42.237

🇺🇸 172.191.178.196

🇺🇸 147.185.132.152

🇮🇳 122.176.117.147

🇵🇭 118.194.238.196

🇨🇳 106.12.221.161

🇮🇷 85.198.19.239

🇫🇷 64.204.13.233

🇷🇺 62.16.41.154

🇺🇸 48.214.144.100

🇳🇱 45.148.10.157

🇻🇳 45.117.177.47