JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.150

104.207.33.150 was found in our database!

This IP was reported 167 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.150

Whois 104.207.33.150

IP Abuse Reports for 104.207.33.150:

This IP address has been reported a total of 167 times from 27 distinct sources. 104.207.33.150 was first reported on June 12th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:49:12 (1 day ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 04:28:58 (4 days ago)	Web App Attack	Web App Attack
🇩🇪 R.G.	2026-06-09 22:21:15 (2 weeks ago)	(XMLRPCorWHATEVER) Get lost please 104.207.33.150 (US/United States/-): 3 in the last 900 secs; Port ... show more (XMLRPCorWHATEVER) Get lost please 104.207.33.150 (US/United States/-): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-26 12:04:52 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-04-23 16:08:42 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇹 VHosting	2025-12-23 11:24:09 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-04 09:30:29 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 16:39:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 11:39:49.078491 2025] [security2:error] [pid 11011:tid 11011] [client 104.207.33.150:33943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.effectivefirearms.com"] [uri "/.svn/wc.db"] [unique_id "aSctVUtJ4_n3y7x6jTXRZgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 03:01:25 (6 months ago)	Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.26 is noted in report ti ... show more Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.26 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:34:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:34:30.487542 2025] [security2:error] [pid 26468:tid 26468] [client 104.207.33.150:16811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ctrussell.us"] [uri "/.env"] [unique_id "aSUx1hwLcytFJJBWec4CcQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:13:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:45.838227 2025] [security2:error] [pid 3488:tid 3488] [client 104.207.33.150:14041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.eaglespiritproductions.com"] [uri "/.git/HEAD"] [unique_id "aSUs-e9CQsEqjAOK5CVVwAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:55:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:43.705978 2025] [security2:error] [pid 22571:tid 22571] [client 104.207.33.150:56343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.babylontravelone.com"] [uri "/.git/HEAD"] [unique_id "aSUov0bMojaa6V87eyGaNwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:16:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:15:57.512158 2025] [security2:error] [pid 27966:tid 27966] [client 104.207.33.150:12749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.miroddi.com"] [uri "/.svn/wc.db"] [unique_id "aSUfbXFRcdR9OuRXeQ3CRAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:06.830289 2025] [security2:error] [pid 3060:tid 3060] [client 104.207.33.150:30433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hi-niemczuras.net"] [uri "/.svn/wc.db"] [unique_id "aSUOHkultBXtGarcYFKWkgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 167 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2401:4900:c916:3bb1:d95:b3:cc3d:f12b

🇳🇱 204.76.203.219

🇧🇬 193.24.211.107

🇨🇳 125.47.32.2

🇫🇷 85.217.140.16

🇺🇸 67.85.146.216

🇱🇹 45.227.254.170

🇺🇸 2600:1900:4120:e3fb:0:31::

🇨🇦 148.113.190.153

🇺🇸 135.119.73.164

🇺🇸 107.167.34.125

🇫🇷 91.238.181.92

🇮🇷 91.92.129.231

🇬🇧 81.19.219.202

🇺🇸 47.251.98.79

🇳🇱 45.142.193.122

🇮🇷 185.112.33.84

🇳🇱 176.65.139.94

🇳🇬 152.32.143.189

🇨🇦 144.217.161.208