JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.66

104.207.33.66 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.66

Whois 104.207.33.66

IP Abuse Reports for 104.207.33.66:

This IP address has been reported a total of 149 times from 23 distinct sources. 104.207.33.66 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 10:10:51 (3 weeks ago)	[da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide ... show more [da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=25 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-05-30 23:43:24 (3 weeks ago)	(y4) Failed scan -byebye- from 104.207.33.66 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 4server	2026-05-30 12:00:33 (3 weeks ago)	[SatMay3014:00:28.4491632026][security2:error][pid3748883:tid3748973][client104.207.33.66:0]ModSecur ... show more [SatMay3014:00:28.4491632026][security2:error][pid3748883:tid3748973][client104.207.33.66:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"restaurantgandria.ch\"][uri\"/wp-login.php\"][unique_id\"ahrRXHAPsN0bbAHQbOZVhwAAAMQ\"]\,referer:https://restaurantgandria.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇺🇸 Richard Stover	2026-05-28 22:49:21 (3 weeks ago)	User tried to login as "admin."	Web App Attack
🇺🇸 lostswordfish.com	2026-05-27 13:34:05 (4 weeks ago)	Wordfence waf block on registrymatters	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:07:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:07:21.389824 2026] [security2:error] [pid 11353:tid 11353] [client 104.207.33.66:21761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koreasesame.com"] [uri "/admin/.git/config"] [unique_id "aY6_mY1erzbuqkeKYplvJwAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:37:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:37:16.473946 2026] [security2:error] [pid 25530:tid 25530] [client 104.207.33.66:22537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kofcasamblea442.org"] [uri "/test/.git/config"] [unique_id "aY64jNr2Bn8jZjbmTbV7JgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:23:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:23:24.626211 2026] [security2:error] [pid 2601033:tid 2601033] [client 104.207.33.66:45063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbysheetmetalworks.com"] [uri "/test/.git/config"] [unique_id "aY6nPJY8QR68AkbXtCmHEQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:40:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:40:30.381634 2026] [security2:error] [pid 28669:tid 28693] [client 104.207.33.66:23021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiehnefamily.us"] [uri "/frontend/.env"] [unique_id "aY6dLguLlZn08yv_kWc9mAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:31:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:31:31.629683 2026] [security2:error] [pid 14674:tid 14674] [client 104.207.33.66:24485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kemela.com"] [uri "/api/.env"] [unique_id "aY6NAxUOPhms8t5fZHg1iwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:22 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 21:36:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 16:36:30.596269 2026] [security2:error] [pid 1422967:tid 1422977] [client 104.207.33.66:62423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafminstitute.com"] [uri "/.git/config"] [unique_id "aY5H3oNAaDz2_OFyZKSBlwAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:56:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:56:02.076365 2026] [security2:error] [pid 3297:tid 3297] [client 104.207.33.66:16239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "expresateconestilo.com"] [uri "/.git/config"] [unique_id "aY4iQtDi4WF6GH5oaLh8YAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-12 17:34:59 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:48:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:48:05.298021 2026] [security2:error] [pid 29521:tid 29521] [client 104.207.33.66:10861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigskyprints.com"] [uri "/.git/config"] [unique_id "aY32NSD6fsLUFbV2UbLRJgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 150.5.169.176

🇧🇩 103.213.238.91

🇺🇸 195.184.76.115

🇧🇷 177.8.133.200

🇺🇸 146.190.154.143

🇩🇪 116.202.164.45

🇨🇳 101.96.224.113

🇫🇷 91.231.89.168

🇫🇷 91.231.89.1

🇺🇸 91.230.168.211

🇱🇻 81.30.98.49

🇳🇱 45.156.87.204

🇺🇸 43.162.112.238

🇹🇼 34.81.72.185

🇺🇸 209.90.232.249

🇲🇳 203.23.199.89

🇳🇱 195.178.110.30

🇧🇷 177.8.134.1

🇧🇷 177.8.132.89

🇻🇳 171.231.181.97