JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.141

104.207.32.141 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.141

Whois 104.207.32.141

IP Abuse Reports for 104.207.32.141:

This IP address has been reported a total of 139 times from 24 distinct sources. 104.207.32.141 was first reported on June 11th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 grassau.com	2026-06-03 11:01:18 (2 days ago)	(wordpress) Failed wordpress login from 104.207.32.141 (US/United States/Virginia/Ashburn/-)	Brute-Force
🇱🇻 garmtech.com	2026-05-17 21:20:09 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-20.104.207.32.141.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-20.104.207.32.141.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-17 20:43:09 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-43.104.207.32.141.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-43.104.207.32.141.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-03-29 00:32:27 (2 months ago)	Forum/form spam	Web Spam
🇫🇷 tilellit.pro	2026-01-20 01:59:06 (4 months ago)	Fail2Ban banned 104.207.32.141 for security violations in jail wp-armour. Log: 2026/01/20 01:59:06 [ ... show more Fail2Ban banned 104.207.32.141 for security violations in jail wp-armour. Log: 2026/01/20 01:59:06 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.32.141 \| Target: wplogin" , client: 104.207.32.141, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 COMPLEX	2025-12-14 23:07:46 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (POST method) Endpoint: / show less	Bad Web Bot
🇳🇱 homeshowdomain.nl	2025-11-24 22:59:41 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 09:53:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:53:11.633079 2025] [security2:error] [pid 16419:tid 16419] [client 104.207.32.141:37193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.chateau-saleza-bruges.com"] [uri "/.git/HEAD"] [unique_id "aSQrB5uGrcz9oq5XU8iImAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:27:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:28.818644 2025] [security2:error] [pid 7578:tid 7578] [client 104.207.32.141:35747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.brbcar.com"] [uri "/.git/HEAD"] [unique_id "aSQlAGSOq8q54H4Vfz4FewAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:43:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:43:20.531972 2025] [security2:error] [pid 29536:tid 29536] [client 104.207.32.141:24751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tremulant.com"] [uri "/.git/HEAD"] [unique_id "aSP-iP7tDkQshIDhcGSwzQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:19:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:19:22.341764 2025] [security2:error] [pid 18135:tid 18135] [client 104.207.32.141:23305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ic1.biz"] [uri "/.svn/wc.db"] [unique_id "aSPq2iedhPUBQ7ZrhjMGOQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:45:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:44:53.156831 2025] [security2:error] [pid 9269:tid 9269] [client 104.207.32.141:10315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.northfortworthalliance.com"] [uri "/.svn/wc.db"] [unique_id "aSPUtUVA_BEHGrzc3H8Y_gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 06:55:13 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇨🇦 wil.com	2025-10-17 10:31:35 (7 months ago)	GlobalProtect login attempts with user xdcjo.	VPN IP Brute-Force
Anonymous	2025-10-07 22:38:33 (7 months ago)	Attempted brute force login to web vpn 28 time(s); last attempt for 2025.10.07 is noted in report ti ... show more Attempted brute force login to web vpn 28 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.194.140.170

🇺🇸 107.174.125.234

🇫🇷 91.196.152.119

🇺🇸 73.36.177.174

🇳🇱 45.153.34.71

🇻🇳 36.50.177.171

🇳🇱 193.176.31.201

🇿🇦 185.132.186.36

🇺🇸 162.216.150.40

🇺🇸 136.49.53.226

🇿🇦 105.224.38.156

🇺🇸 72.253.251.3

🇰🇷 1.245.74.10

🇺🇸 195.184.76.143

🇩🇪 193.124.20.246

🇧🇷 191.241.243.202

🇨🇴 181.51.189.171

🇺🇸 173.252.70.130

🇺🇸 150.107.38.111

🇩🇪 148.251.222.210