JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.148

104.207.32.148 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.148

Whois 104.207.32.148

IP Abuse Reports for 104.207.32.148:

This IP address has been reported a total of 142 times from 17 distinct sources. 104.207.32.148 was first reported on June 11th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 04:18:07 (2 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-17 00:57:59 (5 days ago)	Web App Attack	Web App Attack
Anonymous	2026-06-06 00:55:16 (2 weeks ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-25 11:22:58 (2 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-03-14 00:12:56 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-19 01:29:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:29:17.672945 2026] [security2:error] [pid 6656:tid 6705] [client 104.207.32.148:27161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/app/.env"] [unique_id "aZZnbXn1w6YImX3YkyQ7twAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:37:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:37:25.497762 2026] [security2:error] [pid 11636:tid 11636] [client 104.207.32.148:50091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vrevgaming.net"] [uri "/wp/.git/config"] [unique_id "aZZbRd7r8G2aiZYMKnD5XQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:00:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:00:02.585407 2026] [security2:error] [pid 13837:tid 13837] [client 104.207.32.148:45789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "towermedia.net"] [uri "/site/.git/config"] [unique_id "aZYaQooDXUmO-_r5nD-zUAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-18 19:49:01 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇳🇱 debestelapp	2026-02-18 14:35:04 (4 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:21:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:21:20.601474 2026] [security2:error] [pid 17152:tid 17152] [client 104.207.32.148:15929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wilpro-ga.com"] [uri "/.env.staging"] [unique_id "aZW80N5eO00Vo4AFSS2Z1wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-18 12:26:19 (4 months ago)	(modsecurity) srv201 ModSecurity 104.207.32.148 (US/United States/-): 5 in the last 3600 secs; Ports ... show more (modsecurity) srv201 ModSecurity 104.207.32.148 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:45:52.938180 2026] [security2:error] [pid 31932:tid 31932] [client 104.207.32.148:45697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterjhoodco.com"] [uri "/api/.env"] [unique_id "aZWmcOVP7RViKe88dNBAcgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-03 02:13:13 (4 months ago)	Forum/form spam	Web Spam

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.235

🇫🇷 92.205.58.210

🇧🇷 205.210.31.194

🇬🇧 178.62.27.119

🇮🇳 152.52.192.162

🇳🇱 134.209.80.207

🇨🇳 123.56.83.129

🇯🇵 118.193.61.170

🇮🇳 113.193.234.210

🇺🇸 91.230.168.227

🇫🇷 85.217.140.33

🇷🇴 2.57.122.177

🇩🇪 165.154.138.33

🇺🇸 136.112.131.130

🇰🇷 110.14.190.217

🇫🇷 85.217.140.18

🇨🇳 59.36.233.74

🇺🇸 184.105.247.238

🇳🇱 176.65.139.158

🇺🇸 152.32.235.227