JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.156

104.207.33.156 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.156

Whois 104.207.33.156

IP Abuse Reports for 104.207.33.156:

This IP address has been reported a total of 145 times from 24 distinct sources. 104.207.33.156 was first reported on June 27th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 20:27:55 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 Steve	2026-04-11 08:48:23 (2 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
Anonymous	2026-03-29 22:05:14 (2 months ago)	Web attack	Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-01-22 00:32:25 (4 months ago)	Fail2Ban banned 104.207.33.156 for security violations in jail wp-armour. Log: 2026/01/22 00:32:24 [ ... show more Fail2Ban banned 104.207.33.156 for security violations in jail wp-armour. Log: 2026/01/22 00:32:24 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.33.156 \| Target: wplogin" , client: 104.207.33.156, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-01-08 09:16:09 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 04:16:01.578490 2026] [security2:error] [pid 27266:tid 27266] [client 104.207.33.156:49207] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|admin.turedinmobiliaria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aV910TUceiTpxzq8r5lsaAAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Psycho Solutions LLC	2025-12-30 09:48:57 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/30/2025 9:48 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-26 13:09:30 (5 months ago)	WP Login Scan Activities	Web App Attack
🇪🇸 el-brujo	2025-12-10 19:07:44 (6 months ago)	[Wed Dec 10 20:07:41.445117 2025] [proxy_fcgi:error] [pid 1434006:tid 1434040] [remote 104.207.33.15 ... show more [Wed Dec 10 20:07:41.445117 2025] [proxy_fcgi:error] [pid 1434006:tid 1434040] [remote 104.207.33.156:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Wed Dec 10 20:07:43.569838 2025] [proxy_fcgi:error] [pid 1085640:tid 1085642] [remote 104.207.33.156:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-09 22:15:13 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇨🇭 backslash	2025-12-08 02:05:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-05 14:34:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:34:08.343752 2025] [security2:error] [pid 3984:tid 3984] [client 104.207.33.156:39917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gwdailey.com"] [uri "/.env"] [unique_id "aTLtYHYVeKuUnsNC5XVFfwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:31:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:31:47.988590 2025] [security2:error] [pid 6529:tid 6529] [client 104.207.33.156:17907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "estatemartinc.com"] [uri "/.env"] [unique_id "aTKmgyfKbCf3d5rEOg8C7AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:36:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:36:42.618485 2025] [security2:error] [pid 18367:tid 18367] [client 104.207.33.156:28129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theamarals.com"] [uri "/.env"] [unique_id "aTJFOjOuGH1zw4dGB0pkjQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-11-28 19:38:55 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.33.156 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.33.156 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-24 16:02:40 (6 months ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.177.179.12

🇮🇷 171.22.27.209

🇦🇺 111.220.132.84

🇺🇸 12.179.203.4

🇲🇾 219.92.209.175

🇭🇰 199.45.154.179

🇺🇸 162.216.149.206

🇮🇳 116.74.133.170

🇺🇦 79.143.45.75

🇳🇱 45.148.10.141

🇧🇪 34.156.226.70

🇮🇳 27.123.90.94

🇮🇳 3.108.158.24

🇺🇸 208.109.212.211

🇹🇼 198.235.24.76

🇧🇴 190.129.122.185

🇲🇽 186.96.145.241

🇨🇦 184.151.88.27

🇻🇳 171.243.150.62

🇨🇳 124.221.158.176