JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.248

104.207.32.248 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.248

Whois 104.207.32.248

IP Abuse Reports for 104.207.32.248:

This IP address has been reported a total of 155 times from 18 distinct sources. 104.207.32.248 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-26 17:46:16 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇨🇭 4server	2026-04-25 09:59:47 (1 month ago)	[SatApr2511:59:38.6721302026][security2:error][pid701011:tid701084][client104.207.32.248:0]ModSecuri ... show more [SatApr2511:59:38.6721302026][security2:error][pid701011:tid701084][client104.207.32.248:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"prodotti.comarcosa.com\"][uri\"/xmlrpc.php\"][unique_id\"aeyQihl3gBvUtk3OvxGbVAAAAAo\"] show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-04-24 13:17:05 (1 month ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-04-19 11:57:27 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-04-13 10:13:12 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.32.248 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇺🇸 Psycho Solutions LLC	2026-03-15 10:22:24 (2 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N/A - Timestamp: 3/15/2026 10:22 am (UTC-6) show less	Web App Attack Bad Web Bot Web Spam Hacking
🇺🇸 TPI-Abuse	2026-02-09 21:49:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:49:15.021287 2026] [security2:error] [pid 31580:tid 31580] [client 104.207.32.248:24109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garysgates.com"] [uri "/test/.git/config"] [unique_id "aYpWW074iIIq_ZK7HD-Q_AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:58:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:58:32.844608 2026] [security2:error] [pid 1036446:tid 1036446] [client 104.207.32.248:28335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ganeki.com"] [uri "/admin/.env"] [unique_id "aYpKeAmqYL-R9PuAxRVNtgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 barbarella	2026-02-09 10:07:19 (3 months ago)	illegal attempt to access nonexisting folder (GET /backup/.git/config)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:01:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:01:22.291331 2026] [security2:error] [pid 5731:tid 5731] [client 104.207.32.248:11137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabosoftware.com"] [uri "/app/.env"] [unique_id "aYmwcsG1XEQJMYuswwcEYwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 21:23:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 16:23:46.384055 2026] [security2:error] [pid 29974:tid 29974] [client 104.207.32.248:36355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundaciondamashcc.org.ec"] [uri "/.env"] [unique_id "aYj-4sGo4zaWgHE2DreupwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:21:28 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇮🇹 Progetto1	2026-01-21 01:10:02 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2025-11-29 08:16:03 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-27 20:36:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:36:20.140620 2025] [security2:error] [pid 13163:tid 13163] [client 104.207.32.248:54491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinesonline.com"] [uri "/.env"] [unique_id "aSi2RJFmmVD5bSXRvNmMDQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇲 103.233.206.154

🇺🇸 85.239.230.165

🇰🇷 220.86.28.189

🇩🇪 213.209.159.56

🇫🇮 147.185.133.197

🇩🇪 69.5.169.242

🇩🇪 69.5.169.219

🇰🇿 37.208.46.130

🇺🇸 20.106.48.26

🇺🇸 3.15.211.60

🇨🇳 218.59.201.12

🇧🇴 200.58.84.213

🇭🇰 118.26.36.248

🇻🇳 112.78.4.53

🇩🇪 104.207.53.151

🇺🇸 64.62.156.214

🇺🇸 216.26.230.151

🇺🇸 208.87.243.61

🇨🇦 104.207.60.253

🇩🇪 104.207.52.98