JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.189

104.207.33.189 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.189

Whois 104.207.33.189

IP Abuse Reports for 104.207.33.189:

This IP address has been reported a total of 154 times from 26 distinct sources. 104.207.33.189 was first reported on June 20th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-16 01:55:06 (1 week ago)	(y4) Failed scan -byebye- from 104.207.33.189 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-14 14:42:31 (2 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=cardioathena2021.gr; logs=/var/log/httpd/domains/cardi ... show more [server.tmg.gr] httpd-login-spray-site: sites=cardioathena2021.gr; logs=/var/log/httpd/domains/cardioathena2021.gr.log; samples=site_wide=true \| distinct_ips=19 \| /wp-login.php show less	Hacking Web App Attack
🇲🇽 octageeks.com	2026-06-14 04:22:02 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇦🇺 MAGIC	2026-06-13 01:31:11 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-06-12 14:20:55 (2 weeks ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
🇲🇹 Malta	2026-06-10 04:46:13 (2 weeks ago)	104.207.33.189 - - [10/Jun/2026:06:46:12 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 104.207.33.189 - - [10/Jun/2026:06:46:12 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:120.0) Gecko/20100101 Firefox/120.0" show less	Hacking Web App Attack
🇩🇪 iNetWorker	2026-05-30 11:07:27 (4 weeks ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-05-29 21:24:05 (4 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=rheumatologiko.gr; logs=/var/log/httpd/domains/rheumato ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=rheumatologiko.gr; logs=/var/log/httpd/domains/rheumatologiko.gr.log; samples=site_wide=true \| distinct_ips=20 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-05-29 21:14:21 (4 weeks ago)	(y4) Failed scan -byebye- from 104.207.33.189 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-04-12 05:44:16 (2 months ago)	Attempt to scan vulnerabilities	Hacking
🇺🇸 TPI-Abuse	2026-01-17 07:45:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:45:18.492810 2026] [security2:error] [pid 1707:tid 1707] [client 104.207.33.189:50523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ikutabukkyokai.com"] [uri "/.env"] [unique_id "aWs-DsZR1DvBUPy0Mt-RhAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 06:20:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:20:21.165512 2026] [security2:error] [pid 66645:tid 66716] [client 104.207.33.189:9573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.emmaryan.net"] [uri "/.env"] [unique_id "aWsqJTITUViAZ2KK3cFbAwAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 01:15:25 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.33.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 20:15:19.978107 2026] [security2:error] [pid 2329:tid 2329] [client 104.207.33.189:60663] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|sandpointidaho.com.kh6jim.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sandpointidaho.com.kh6jim.com"] [uri "/s3cmd.ini"] [unique_id "aWmRJw7hjZTvlZiWv7bE_AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:46 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇮 as211431.net	2025-12-24 19:54:32 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: //wp-admin/setup-config.php UA: Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.3814.1083 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 219.121.17.79

🇵🇱 104.165.13.104

🇭🇰 47.239.23.179

🇷🇴 2.57.121.25

🇺🇸 216.180.246.240

🇧🇷 205.210.31.230

🇧🇪 198.235.24.180

🇬🇧 193.176.29.7

🇨🇳 180.158.214.239

🇳🇱 176.65.148.156

🇷🇴 151.242.191.232

🇮🇳 139.59.86.13

🇺🇸 75.186.12.247

🇨🇳 58.47.66.53

🇫🇮 45.87.249.146

🇧🇷 200.189.23.149

🇧🇷 186.233.118.22

🇺🇸 162.216.149.199

🇺🇸 147.185.132.97

🇺🇸 147.185.132.10