JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.252

104.207.33.252 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.252

Whois 104.207.33.252

IP Abuse Reports for 104.207.33.252:

This IP address has been reported a total of 150 times from 20 distinct sources. 104.207.33.252 was first reported on June 7th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 R.G.	2026-06-11 10:15:21 (1 day ago)	(XMLRPCorWHATEVER) Get lost please 104.207.33.252 (US/United States/-): 3 in the last 900 secs; Port ... show more (XMLRPCorWHATEVER) Get lost please 104.207.33.252 (US/United States/-): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 PeravixGroup	2026-06-10 15:06:03 (2 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 integrantservices.com	2026-06-03 14:02:50 (1 week ago)	(PERMBLOCK) 104.207.33.252 (US/United States/-) has had more than 4 temp blocks	Hacking
🇺🇸 integrantservices.com	2026-06-03 13:00:11 (1 week ago)	(wordpress) Failed wordpress login from 104.207.33.252 (US/United States/-)	Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:20 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-22 21:38:30 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-08 12:31:28 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 19:49:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:49:28.041261 2025] [security2:error] [pid 18033:tid 18033] [client 104.207.33.252:12405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalmappinginc.com"] [uri "/.svn/wc.db"] [unique_id "aS9CyN04-ANdMQtqKCdFggAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:28:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:28:04.506705 2025] [security2:error] [pid 7892:tid 7892] [client 104.207.33.252:41817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cosentient.com"] [uri "/.git/HEAD"] [unique_id "aS89xGYH-f1zmf2R0QZ9IAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:34:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:34:52.427646 2025] [security2:error] [pid 30147:tid 30147] [client 104.207.33.252:53409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ggisoftware.com"] [uri "/.git/HEAD"] [unique_id "aS7q_A1PM955xuZOufYQIAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:13:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:13:06.063903 2025] [security2:error] [pid 30493:tid 30493] [client 104.207.33.252:35097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rayeliotschwartz.com"] [uri "/.svn/wc.db"] [unique_id "aS7l4hP5sGHhhy3TrIAGdQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:16:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:16:14.649904 2025] [security2:error] [pid 3081:tid 3081] [client 104.207.33.252:39713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "snowrideadventures.com"] [uri "/.svn/wc.db"] [unique_id "aS7YjrgkGyWI9XGLvyrA_wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 11:19:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 06:19:26.095143 2025] [security2:error] [pid 20975:tid 20975] [client 104.207.33.252:52023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "merrilymovie.com"] [uri "/.git/HEAD"] [unique_id "aS7LPihbTS342LM7A44XbwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:50:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:50:37.261642 2025] [security2:error] [pid 4039:tid 4039] [client 104.207.33.252:21091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "personalizedbabyshowernapkins.com"] [uri "/.svn/wc.db"] [unique_id "aS7Efd58lTUZ5cjUU9v5JAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:52:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:52:11.610595 2025] [security2:error] [pid 10156:tid 10156] [client 104.207.33.252:10035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "streamlinenz.com"] [uri "/.env"] [unique_id "aS5wew8BHMHy3Uwy7j2vwwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 211.149.131.113

🇧🇷 191.53.9.174

🇫🇷 172.71.127.118

🇺🇸 171.22.108.236

🇺🇸 162.216.150.224

🇺🇸 150.107.38.189

🇯🇵 142.248.151.237

🇻🇳 119.15.171.160

🇷🇺 95.215.108.47

🇵🇱 89.68.245.7

🇹🇼 60.250.246.239

🇺🇸 47.88.78.4

🇮🇷 2.180.32.104

🇲🇳 203.23.199.88

🇭🇰 199.45.155.78

🇭🇺 193.226.196.159

🇧🇷 177.37.141.178

🇨🇳 120.87.99.202

🇨🇳 112.50.85.25

🇺🇸 76.183.91.223