JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.18

104.207.32.18 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.18

Whois 104.207.32.18

IP Abuse Reports for 104.207.32.18:

This IP address has been reported a total of 97 times from 20 distinct sources. 104.207.32.18 was first reported on June 7th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Séfora Srl	2026-06-01 05:03:27 (4 days ago)	Web App Attack with different attempts on Apache - detected by Fail2Ban in plesk-apache jail	Web App Attack
🇺🇸 mnsf	2026-05-25 10:05:13 (1 week ago)	Scanning/Probing (34)	Brute-Force Web App Attack
Anonymous	2026-04-14 06:39:31 (1 month ago)	Forum/form spam	Web Spam
Anonymous	2026-03-05 06:26:32 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 windowsforum	2026-02-13 17:58:33 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, ... show more Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, username=ChassidySh show less	Web Spam Bad Web Bot
🇩🇪 big-cloud.nl	2026-02-12 01:09:27 (3 months ago)	Try to access /api/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 20:39:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:39:39.347787 2026] [security2:error] [pid 5281:tid 5281] [client 104.207.32.18:61773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arctic-sea.com"] [uri "/app/.env"] [unique_id "aYzpC1JUxcu321JYAVGbUAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:31:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:31:15.407630 2026] [security2:error] [pid 13192:tid 13192] [client 104.207.32.18:22745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirstengoldberg.com"] [uri "/frontend/.env"] [unique_id "aYqmg_c-spIJJVG6dOpxTgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:22:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:22:07.781952 2026] [security2:error] [pid 20972:tid 20988] [client 104.207.32.18:28933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khalessilaw.com"] [uri "/.env.production"] [unique_id "aYqIPxYqCguJMhGb04AIDQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:27:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:27:38.782597 2026] [security2:error] [pid 32208:tid 32211] [client 104.207.32.18:11721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithfamily.net"] [uri "/.env.local"] [unique_id "aYptajLjGA96x6QIS84FIQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:44:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:44:34.558606 2026] [security2:error] [pid 16661:tid 16661] [client 104.207.32.18:38669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honnwong.com"] [uri "/.env.production"] [unique_id "aYpHMvoynNP3HvWRGg8HjgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-30 07:37:08 (4 months ago)	wordpress-trap	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-28 17:42:02 (4 months ago)	WP Login Scan Activities	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:21:20 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-21 15:00:13 (4 months ago)	Forum/form spam	Web Spam

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.141.110.28

🇳🇱 176.65.149.180

🇰🇷 115.178.75.243

🇳🇴 109.239.229.81

🇨🇳 101.68.142.7

🇩🇪 69.5.169.239

🇭🇰 42.200.78.166

🇹🇿 41.59.125.246

🇺🇸 38.132.109.100

🇹🇷 31.58.249.33

🇻🇳 14.232.239.127

🇨🇳 1.198.18.164

🇺🇸 2602:fb54:1a00::93

🇺🇸 216.180.246.202

🇺🇿 213.230.92.38

🇺🇿 198.163.194.102

🇲🇷 197.231.1.203

🇰🇿 195.82.21.140

🇺🇿 188.113.234.58

🇬🇧 185.127.71.32