JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.105

104.207.32.105 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.105

Whois 104.207.32.105

IP Abuse Reports for 104.207.32.105:

This IP address has been reported a total of 130 times from 16 distinct sources. 104.207.32.105 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:06:29 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-05 21:09:17 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇮🇹 VHosting	2026-02-18 22:16:53 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:59:32 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇭 backslash	2025-12-27 03:40:03 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-03 09:42:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 04:42:22.678317 2025] [security2:error] [pid 18491:tid 18491] [client 104.207.32.105:58615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greencornokies.org"] [uri "/.svn/wc.db"] [unique_id "aTAF_vQL6CC5_iiHj_XodwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:57:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:56:56.419723 2025] [security2:error] [pid 19144:tid 19144] [client 104.207.32.105:46147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tech-servusa.com"] [uri "/.git/HEAD"] [unique_id "aSU3GBavHVATFQNyPAmmYQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:42:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:41:59.064971 2025] [security2:error] [pid 14984:tid 14984] [client 104.207.32.105:38983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nationalenq.internetnameregistration.com"] [uri "/.svn/wc.db"] [unique_id "aSUlh3C0X_c-HU8hljBfLwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 23:59:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 18:59:14.303035 2025] [security2:error] [pid 24010:tid 24010] [client 104.207.32.105:35833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.earlyeditionsbookshop.com"] [uri "/.env"] [unique_id "aSTxUjMLO3EcGDGi9sI5QQAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-24 23:05:02 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 06:16:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:16:33.695615 2025] [security2:error] [pid 28999:tid 29024] [client 104.207.32.105:25613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.seguroslugo.net"] [uri "/.env"] [unique_id "aSP4QRHUG1yMWqoCx_DkQwAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:35:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:35:35.060435 2025] [security2:error] [pid 3965259:tid 3965330] [client 104.207.32.105:23341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.otemaetk.com"] [uri "/.git/HEAD"] [unique_id "aSPup8HsvdKIeQe-cM9B6QAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:00:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:00:29.529891 2025] [security2:error] [pid 16289:tid 16289] [client 104.207.32.105:51811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.charamand.com"] [uri "/.svn/wc.db"] [unique_id "aSPYXb0F8siJR8g4RP-KDgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 06:25:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 01:25:44.043497 2025] [security2:error] [pid 24858:tid 24858] [client 104.207.32.105:9329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pbeyer.org"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRbLaGELzS5p0ecmWzWecwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2025-10-17 16:29:54 (7 months ago)	GlobalProtect login attempts with user isosa.	VPN IP Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.94.206.205

🇷🇺 172.69.50.239

🇨🇳 116.205.116.126

🇺🇸 66.132.195.64

🇦🇷 64.145.79.75

🇸🇬 47.128.18.135

🇯🇵 47.74.22.38

🇳🇱 45.198.224.141

🇲🇽 189.203.163.10

🇧🇷 177.200.41.104

🇮🇹 151.47.73.236

🇻🇳 118.70.182.193

🇮🇪 98.71.8.129

🇭🇰 65.181.88.245

🇳🇱 45.142.193.8

🇻🇳 14.225.217.138

🇧🇩 2a09:bac1:b40:518::4d5:5

🇺🇸 172.172.196.177

🇻🇳 152.32.250.188

🇺🇸 20.127.185.37