JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.137

104.207.32.137 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.137

Whois 104.207.32.137

IP Abuse Reports for 104.207.32.137:

This IP address has been reported a total of 136 times from 18 distinct sources. 104.207.32.137 was first reported on June 8th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 dtorrer	2026-05-30 01:10:51 (3 weeks ago)	Client attempted to submit spam on a website post.	Blog Spam
🇩🇪 bescared	2026-05-10 09:04:00 (1 month ago)	WAF (2) - Malicious activity detected: URL probing.	Bad Web Bot Web App Attack Hacking
🇵🇱 sefinek.net	2026-04-08 15:53:27 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 08:34:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:34:48.660326 2025] [security2:error] [pid 29461:tid 29461] [client 104.207.32.137:52489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pfs-nj.com"] [uri "/.env"] [unique_id "aSa7qDQ_hOdbeVM6EYlYzgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:04:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:04:36.548462 2025] [security2:error] [pid 4585:tid 4585] [client 104.207.32.137:50827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thebestac.com"] [uri "/.git/HEAD"] [unique_id "aSZgNFnllhulI2gNzoMxbgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2025-11-26 00:11:23 (7 months ago)	Probing for .git: 104.207.32.137 - - [26/Nov/2025:01:11:21 +0100] "GET /.git/HEAD HTTP/1.1" 403 146 ... show more Probing for .git: 104.207.32.137 - - [26/Nov/2025:01:11:21 +0100] "GET /.git/HEAD HTTP/1.1" 403 146 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:13:02 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:12:56.207721 2025] [security2:error] [pid 8212:tid 8212] [client 104.207.32.137:57163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cnphilos.com"] [uri "/.env"] [unique_id "aSVI6G-CuDPdGhaG0jKbRwAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:34:54 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:34:50.507350 2025] [security2:error] [pid 1647140:tid 1647179] [client 104.207.32.137:59593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.vote4joegardner.com"] [uri "/.env"] [unique_id "aSUj2sWdNO_bFaD03ZY_hQAAAME"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:22:15 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:22:10.371057 2025] [security2:error] [pid 4042:tid 4042] [client 104.207.32.137:56661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bigholegolf.com"] [uri "/.env"] [unique_id "aSUS0jtfmwdJf30Nkx5N8gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Short-legs-Spider	2025-11-25 01:51:40 (7 months ago)	Test on existence -- [25/Nov/2025:10:51:40 +0900] "GET /.svn/wc.db HTTP/1.1" 403 77 "-" "Mozilla/5 ... show more Test on existence -- [25/Nov/2025:10:51:40 +0900] "GET /.svn/wc.db HTTP/1.1" 403 77 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:00:22 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:00:13.342997 2025] [security2:error] [pid 4311:tid 4346] [client 104.207.32.137:53249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gorealtors.com"] [uri "/.svn/wc.db"] [unique_id "aST_naO7-HhXDlACxWpBYAAAAJU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:31:38 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:31:34.862090 2025] [security2:error] [pid 4241:tid 4241] [client 104.207.32.137:13751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.burke698.org"] [uri "/.git/HEAD"] [unique_id "aSQX5hAtdbVvpW3kxWAhwgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:56:59 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:56:50.971313 2025] [security2:error] [pid 21980:tid 21980] [client 104.207.32.137:43133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "volunteers.bookingsouthafrica.com"] [uri "/.env"] [unique_id "aSPzolPB7XjEvud9rHkSfgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 22:58:13 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 17:59:47 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 12:59:41.375525 2025] [security2:error] [pid 16920:tid 16920] [client 104.207.32.137:39245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.xtcdesigns.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aQ-FDd_u7W4PgkEMR1SrxwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.105

🇫🇷 157.173.109.225

🇫🇮 147.185.133.205

🇺🇸 65.49.20.79

🇩🇪 217.181.87.219

🇨🇦 217.181.81.190

🇩🇪 212.132.127.66

🇺🇸 198.57.247.251

🇮🇩 182.253.156.173

🇹🇷 176.41.28.156

🇺🇸 147.185.132.46

🇶🇦 135.136.47.59

🇺🇸 65.49.1.159

🇺🇸 40.124.175.251

🇺🇸 34.187.234.108

🇺🇸 20.65.195.108

🇭🇰 199.45.155.96

🇺🇸 195.184.76.13

🇺🇸 195.63.14.151

🇬🇧 194.50.235.134