JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.33.73

104.207.33.73 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.33.73

Whois 104.207.33.73

IP Abuse Reports for 104.207.33.73:

This IP address has been reported a total of 148 times from 19 distinct sources. 104.207.33.73 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-02-15 12:18:53 (3 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-15 11:23:45 (3 months ago)	104.207.33.73 - - [15/Feb/2026:11:23:40 +0000] "GET /.env HTTP/1.1" 404 47530 "-" "Mozilla/5.0 (Wind ... show more 104.207.33.73 - - [15/Feb/2026:11:23:40 +0000] "GET /.env HTTP/1.1" 404 47530 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:08:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:08:20.070043 2026] [security2:error] [pid 17999:tid 17999] [client 104.207.33.73:64443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oualierealty.com"] [uri "/backend/.env"] [unique_id "aZGpJE_wzwCkq4S_Se1MUwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:28:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:28:39.943623 2026] [security2:error] [pid 857423:tid 857423] [client 104.207.33.73:12661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sawyerwest.com"] [uri "/.env.local"] [unique_id "aZFZh6HMDI3M-Rn8rnnZEQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:20 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇬🇧 Apache	2026-02-15 05:17:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (US/United States/-): 5 in the la ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (US/United States/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-15 05:05:45 (3 months ago)	Blocking for trying to access an exploit file: /api/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 04:57:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:57:48.341609 2026] [security2:error] [pid 19525:tid 19525] [client 104.207.33.73:13427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "obfetal.com"] [uri "/wp/.git/config"] [unique_id "aZFSTNnJjR0S-LZ0Qloy4wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-02-15 04:15:04 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:11:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:11:33.730470 2026] [security2:error] [pid 31112:tid 31112] [client 104.207.33.73:49449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samcdevitt.com"] [uri "/.env"] [unique_id "aZFHdXiydXPubeMMZ7gOlAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:14:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:14:01.843869 2026] [security2:error] [pid 11939:tid 11939] [client 104.207.33.73:23807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sabbathseminars.net"] [uri "/v2/.git/config"] [unique_id "aZE5-SBpJgpLwmQ39arCQwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:30:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:30:12.915075 2026] [security2:error] [pid 5115:tid 5115] [client 104.207.33.73:32265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plazacristal.com"] [uri "/test/.git/config"] [unique_id "aZEvtMWIXpiAdRWdUhqR4AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 alph44	2026-02-15 01:28:32 (3 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.33.73 (US/United States/-): 5 in the la ... show more (mod_security) mod_security (id:949110) triggered by 104.207.33.73 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:25:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.33.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:25:10.380983 2026] [security2:error] [pid 1101287:tid 1101287] [client 104.207.33.73:9851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ncparanormalresearch.com"] [uri "/.env.staging"] [unique_id "aZEgdjLmQs_gJUH7b_6xOAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-15 01:12:05 (3 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.227.209.27

🇫🇷 51.75.141.245

🇭🇰 45.142.154.10

🇺🇸 34.145.245.16

🇩🇪 213.209.159.228

🇭🇰 185.245.41.26

🇳🇱 176.65.148.242

🇩🇪 93.203.246.99

🇺🇸 70.120.203.193

🇳🇱 45.148.10.157

🇩🇪 34.141.85.57

🇷🇴 2.57.122.173

🇳🇱 213.177.179.12

🇩🇪 212.80.7.172

🇬🇧 193.163.125.23

🇱🇹 185.170.254.87

🇷🇺 176.109.97.11

🇨🇳 117.83.83.235

🇳🇱 77.83.39.53

🇺🇸 66.132.172.120