JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.112

104.207.32.112 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.112

Whois 104.207.32.112

IP Abuse Reports for 104.207.32.112:

This IP address has been reported a total of 146 times from 20 distinct sources. 104.207.32.112 was first reported on June 5th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 Mga Admin	2026-06-04 23:44:26 (2 days ago)	104.207.32.112 - - [05/Jun/2026:06:44:25 +0700] "GET /bridge2cart/bridge.php HTTP/1.1" 404 69 "-" "M ... show more 104.207.32.112 - - [05/Jun/2026:06:44:25 +0700] "GET /bridge2cart/bridge.php HTTP/1.1" 404 69 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Web App Attack
🇧🇪 cmbplf	2026-05-07 02:28:20 (1 month ago)	178 requests with url.path .env 132 requests with url.path phpinfo.php	Brute-Force Bad Web Bot
🇺🇸 windowsforum	2026-02-13 19:21:36 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, ... show more Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, username=Dwain29948 show less	Web Spam Bad Web Bot
Anonymous	2025-12-12 10:23:27 (5 months ago)	botnet	DDoS Attack
🇩🇪 HandyTreff.de	2025-12-10 19:06:20 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.592 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.592 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 show less	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:39 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 08:05:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:05:34.089501 2025] [security2:error] [pid 3511328:tid 3511328] [client 104.207.32.112:46207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smog-check-pb-san-diego.smogsandiego.com"] [uri "/.git/HEAD"] [unique_id "aSQRzh992exleX9-S01PQAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:40:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:40:11.117896 2025] [security2:error] [pid 27573:tid 27573] [client 104.207.32.112:21839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jacobyonline.com"] [uri "/.git/HEAD"] [unique_id "aSPvu9ciEyWxF5RB54VleQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:18:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:18:49.328593 2025] [security2:error] [pid 7006:tid 7006] [client 104.207.32.112:42411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.photokarine.com"] [uri "/.git/HEAD"] [unique_id "aSPcqXWwRQT1j6mgiFfUHAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:55:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:55:35.677518 2025] [security2:error] [pid 7593:tid 7593] [client 104.207.32.112:49349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.oceanicpier.com"] [uri "/.env"] [unique_id "aSPXN72_984riP9rUi05rgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 01:40:41 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 01:33:57 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 00:18:19 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-09 13:47:52 (6 months ago)	Attempted brute force login to web vpn 14 time(s); last attempt for 2025.11.09 is noted in report ti ... show more Attempted brute force login to web vpn 14 time(s); last attempt for 2025.11.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-11 06:58:02 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8c01:6001

🇬🇧 194.50.235.138

🇨🇴 69.6.234.27

🇨🇳 123.158.253.240

🇰🇷 112.216.108.62

🇨🇳 106.12.74.119

🇧🇾 88.218.64.178

🇳🇱 45.148.10.147

🇺🇦 217.147.172.67

🇩🇪 216.25.126.4

🇰🇷 211.253.37.225

🇺🇸 172.190.216.105

🇩🇪 167.94.146.61

🇺🇸 162.216.150.95

🇭🇰 152.32.189.128

🇭🇰 128.1.132.220

🇨🇳 106.13.100.52

🇳🇱 64.89.162.55

🇳🇱 45.156.87.254

🇻🇳 27.78.70.85