JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.161

104.207.33.161 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.161

Whois 104.207.33.161

IP Abuse Reports for 104.207.33.161:

This IP address has been reported a total of 148 times from 23 distinct sources. 104.207.33.161 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-03 12:10:53 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-03-02 17:10:07 (3 months ago)	IM360 WAF: WordPress malicious plugin install block MV:dummy-plugin.zip	Web App Attack
Anonymous	2025-12-16 03:40:15 (5 months ago)	2025-12-16T05:40:15.096698+02:00 zanati wp(www.sahpa.co.za)[978041]: Blocked authentication attempt ... show more 2025-12-16T05:40:15.096698+02:00 zanati wp(www.sahpa.co.za)[978041]: Blocked authentication attempt for [email protected] from 104.207.33.161 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:02:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:02:06.699528 2025] [security2:error] [pid 11217:tid 11217] [client 104.207.33.161:43281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rktect.com"] [uri "/.git/HEAD"] [unique_id "aS9Fvj_18Bd84zciXjQjSwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 09:36:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:36:49.224918 2025] [security2:error] [pid 32406:tid 32406] [client 104.207.33.161:35241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiacbcdelegation.com"] [uri "/.svn/wc.db"] [unique_id "aS6zMQF1S-iv3UoHh9vR7wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:41:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:41:26.372002 2025] [security2:error] [pid 23886:tid 23886] [client 104.207.33.161:34353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "graduationinvitationsonline.com"] [uri "/.env"] [unique_id "aS6YJjA187vceu72ufK2zwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:59:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:59:00.635613 2025] [security2:error] [pid 9724:tid 9724] [client 104.207.33.161:30333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "interiorsolutions-stuart.com"] [uri "/.env"] [unique_id "aS6ONKSrOsNEmQqCIwhNswAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:15:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:07.268554 2025] [security2:error] [pid 26792:tid 26792] [client 104.207.33.161:32005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onyxcc.com"] [uri "/.svn/wc.db"] [unique_id "aS5126XiSd6rgEpQeN0migAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 01:35:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 20:35:33.390126 2025] [security2:error] [pid 31916:tid 31916] [client 104.207.33.161:30535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "feministvoice.blog"] [uri "/.env"] [unique_id "aS5CZackubROGZuouKjTeAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 13:54:50 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 07:08:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:08:17.072048 2025] [security2:error] [pid 985:tid 985] [client 104.207.33.161:19489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.blockadefoundationrepair.com"] [uri "/.env"] [unique_id "aSQEYdFbYQbOiTxROHSi_QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:38:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:38:45.158844 2025] [security2:error] [pid 3864:tid 3864] [client 104.207.33.161:18639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.muranelli.com"] [uri "/.git/HEAD"] [unique_id "aSPhVRwBlPRGaakNpT3iawAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 11:19:33 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.17 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 21:19:20 (6 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	2025-11-14 13:22:45 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 194.26.192.168

🇳🇱 173.194.169.88

🇮🇳 103.251.49.155

🇮🇳 103.107.60.45

🇷🇴 80.94.92.186

🇮🇳 59.92.50.157

🇷🇴 2.57.121.112

🇺🇸 162.142.125.6

🇸🇬 68.183.178.130

🇱🇹 45.227.254.170

🇺🇸 44.39.166.96

🇫🇮 35.228.205.91

🇨🇳 221.6.123.203

🇩🇪 217.254.202.36

🇧🇬 193.24.211.107

🇺🇸 170.187.165.134

🇿🇦 102.64.37.239

🇭🇰 36.255.220.145

🇮🇷 185.147.40.148

🇨🇳 111.26.106.115