JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.42

104.207.33.42 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 39%: ?

39%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.42

Whois 104.207.33.42

IP Abuse Reports for 104.207.33.42:

This IP address has been reported a total of 161 times from 26 distinct sources. 104.207.33.42 was first reported on June 4th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-11 08:20:05 (1 day ago)	(mod_security) mod_security (id:900001) triggered by 104.207.33.42: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 104.207.33.42: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 11 11:20:04.780941 2026] [security2:error] [pid 2066467:tid 2066664] [client 104.207.33.42:31577] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: sea-sound.com"] [severity "CRITICAL"] [tag "security"] [hostname "sea-sound.com"] [uri "/wp-login.php"] [unique_id "aipvtHN0xdA8CUhjxYAFBwAAAU8"], referer: https://sea-sound.com/wp-login.php show less	Port Scan
🇺🇸 dtorrer	2026-06-10 21:30:11 (2 days ago)	Brute-force general attack.	Brute-Force
Anonymous	2026-06-10 02:45:42 (2 days ago)	[server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms ... show more [server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms.log; samples=site_wide=true \| distinct_ips=36 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-08 10:05:40 (4 days ago)	(y4) Failed scan -byebye- from 104.207.33.42 (US/United States/-): (CF_ENABLE)	Hacking
🇱🇻 garmtech.com	2026-06-08 01:29:34 (4 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇬🇧 Oakley	2026-06-01 11:36:48 (1 week ago)	(confirmed_bot_sig) Confirmed bot	Hacking
Anonymous	2026-05-30 09:19:35 (1 week ago)	Web attack blocked by Wordfence on vestingstadvalkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
Anonymous	2026-05-28 20:11:03 (2 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardi ... show more [server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardiobridge2023.gr.log; samples=site_wide=true \| distinct_ips=29 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 nzhost.co.nz	2026-02-19 12:32:19 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇦🇺 nzhost.co.nz	2026-02-15 12:25:32 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 12:23:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:22:58.328029 2026] [security2:error] [pid 7244:tid 7244] [client 104.207.33.42:50593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tipwhisperings.com"] [uri "/api/.env"] [unique_id "aZG6okeWEt2YDcCdb7UY3QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2026-02-15 11:53:17 (3 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 mnsf	2026-02-15 07:05:46 (3 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:06:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:06:44.282780 2026] [security2:error] [pid 22629:tid 22644] [client 104.207.33.42:22493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sylvestconsulting.com"] [uri "/wp/.git/config"] [unique_id "aZFidAJ9g84SRFWq5rKJmwAAAMU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:58:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:58:26.233505 2026] [security2:error] [pid 30388:tid 30388] [client 104.207.33.42:56185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stkm.com"] [uri "/.env.local"] [unique_id "aZFEYuBrul_mhh5zAC4PhwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 119.164.123.245

🇮🇩 103.219.73.193

🇫🇷 85.217.140.20

🇫🇷 85.217.140.11

🇮🇹 85.18.115.154

🇬🇧 35.203.210.248

🇸🇬 8.222.225.103

🇨🇳 211.149.131.113

🇰🇷 211.105.129.57

🇸🇬 103.189.234.96

🇪🇸 79.117.225.206

🇺🇸 23.228.163.187

🇧🇷 177.54.175.227

🇭🇰 47.82.99.25

🇨🇦 20.220.195.127

🇨🇳 218.21.250.151

🇲🇽 187.191.48.5

🇨🇦 104.255.152.19

🇷🇴 80.94.92.184

🇹🇷 78.189.217.175