JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.54

104.207.33.54 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.54

Whois 104.207.33.54

IP Abuse Reports for 104.207.33.54:

This IP address has been reported a total of 149 times from 23 distinct sources. 104.207.33.54 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-28 00:06:00 (2 weeks ago)		Web Spam
🇮🇳 Mcshield.org	2025-12-01 05:18:42 (6 months ago)	Failed password for invalid user postgres from 104.207.33.54 port 43986 ssh2	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-25 06:04:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:04:32.316093 2025] [security2:error] [pid 18450:tid 18450] [client 104.207.33.54:12055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.andysharp.com"] [uri "/.env"] [unique_id "aSVG8MceHM7JdkIFjoBUYwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:43:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:43:26.812581 2025] [security2:error] [pid 2362:tid 2362] [client 104.207.33.54:17543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ilovecoffeegroup.com"] [uri "/.env"] [unique_id "aSVB_hoi09zIJ5mz5jp1ugAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:18:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:18:52.188016 2025] [security2:error] [pid 20641:tid 20641] [client 104.207.33.54:58169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.charmainecruz.com"] [uri "/.env"] [unique_id "aSUuLATNhEQoDbqaPFJtfQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:57:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:57:19.382225 2025] [security2:error] [pid 15101:tid 15108] [client 104.207.33.54:36727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.desert-automotive.com"] [uri "/.git/HEAD"] [unique_id "aSUpH6NKS2jdjfTVKRdkzQAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:51:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:51:34.887315 2025] [security2:error] [pid 20281:tid 20281] [client 104.207.33.54:28527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.angelpalomino.com"] [uri "/.env"] [unique_id "aST9lpp33kQZQz2xh0Qf-wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:11:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:11:53.339150 2025] [security2:error] [pid 6426:tid 6426] [client 104.207.33.54:19429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.4windsmedia.com"] [uri "/.git/HEAD"] [unique_id "aST0SeEuYUScJPpZ5KZmAwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:56:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:56:11.667427 2025] [security2:error] [pid 16248:tid 16248] [client 104.207.33.54:51373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.halvaughan.com"] [uri "/.env"] [unique_id "aSQru6Ok-9BKwiUnYLa5WQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:55:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:55:12.475001 2025] [security2:error] [pid 13261:tid 13261] [client 104.207.33.54:21979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fantasyfootballing.chavarri.com"] [uri "/.git/HEAD"] [unique_id "aSQdcBhuYErdnnm9cA-oxAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:00:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:00:24.709639 2025] [security2:error] [pid 11210:tid 11210] [client 104.207.33.54:17921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "axiomemail.net"] [uri "/.git/HEAD"] [unique_id "aSQQmMTS45UYUwnW6Tn5BQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:08:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:08:35.553994 2025] [security2:error] [pid 6505:tid 6505] [client 104.207.33.54:54825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.prometheusfalling.com"] [uri "/.env"] [unique_id "aSP2Yxbi1H7DSubSxeLBXgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:36:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:36:15.526643 2025] [security2:error] [pid 3965259:tid 3965335] [client 104.207.33.54:55937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asipm.aafm.us"] [uri "/.env"] [unique_id "aSPuz8HsvdKIeQe-cM9CjgAAAUo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:57:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:57:15.756475 2025] [security2:error] [pid 14964:tid 14964] [client 104.207.33.54:13469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.stefchild.com"] [uri "/.svn/wc.db"] [unique_id "aSPlq6mW5gaSnY3DDGDWUAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2025-11-01 11:55:33 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 195.116.145.127

🇷🇴 188.27.152.31

🇮🇳 182.64.3.134

🇯🇵 160.251.233.37

🇺🇸 147.185.132.49

🇬🇧 139.59.173.98

🇮🇳 117.211.208.123

🇨🇦 104.255.152.19

🇺🇸 13.89.125.27

🇰🇷 211.180.105.241

🇺🇸 195.184.76.208

🇳🇱 176.65.140.201

🇨🇴 161.18.234.168

🇵🇱 109.205.211.49

🇺🇸 104.253.48.236

🇹🇭 103.117.150.82

🇫🇷 82.102.18.188

🇮🇳 49.204.164.172

🇪🇸 46.6.116.119

🇳🇱 45.148.10.157