JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.32.75

104.207.32.75 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.32.75

Whois 104.207.32.75

IP Abuse Reports for 104.207.32.75:

This IP address has been reported a total of 131 times from 20 distinct sources. 104.207.32.75 was first reported on June 3rd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-27 03:21:00 (1 week ago)		Web Spam
🇺🇸 oncord	2026-05-26 18:15:17 (1 week ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-05-16 14:31:46 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 17-31.104.207.32.75.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 17-31.104.207.32.75.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 MAGIC	2026-04-02 00:28:38 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 big-cloud.nl	2026-03-27 20:35:14 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:55:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:55:01.460231 2026] [security2:error] [pid 1512:tid 1512] [client 104.207.32.75:58095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-brochures.com"] [uri "/.env.local"] [unique_id "aYqeBQE2VKbhQbuf2kCEaQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:51:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:50:56.572290 2026] [security2:error] [pid 32208:tid 32217] [client 104.207.32.75:28083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humaehealth.com"] [uri "/new/.git/config"] [unique_id "aYqA8DLjGA96x6QIS84OKAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:51:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:51:15.845133 2026] [security2:error] [pid 18860:tid 18860] [client 104.207.32.75:49207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kendylcelina.com"] [uri "/.env.production"] [unique_id "aYpy8xqq2_YSS3XIVEvdEAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:16:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:16:38.874517 2026] [security2:error] [pid 19089:tid 19089] [client 104.207.32.75:54479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keepingitsharp.biz"] [uri "/.env.local"] [unique_id "aYpq1kud5NEH18KjXL1lmAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-13 07:11:20 (4 months ago)	wordpress-trap	Web App Attack
🇩🇪 botreporter	2026-01-07 04:00:00 (4 months ago)	CMS vulnerability/installation scanning	Brute-Force Web App Attack
Anonymous	2025-12-06 14:32:00 (5 months ago)	botnet	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:58 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-28 21:49:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 16:49:09.519895 2025] [security2:error] [pid 11179:tid 11179] [client 104.207.32.75:25023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "13point5.com"] [uri "/.env"] [unique_id "aSoY1Y-WhMihdUfuwatklwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 20:11:58 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.32.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 15:11:50.981272 2025] [security2:error] [pid 20753:tid 20753] [client 104.207.32.75:28195] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aares2025.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aares2025.net"] [uri "/database.sql"] [unique_id "aSoCBs88DDc7xc0V-Gq6AwAAAA4"], referer: http://aares2025.org/database.sql show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4023:1004::127

🇺🇸 216.59.173.21

🇳🇱 176.65.136.31

🇨🇳 111.198.53.188

🇩🇪 78.111.67.247

🇸🇬 43.163.85.226

🇲🇰 188.44.20.30

🇺🇸 173.255.225.139

🇧🇷 169.150.1.36

🇮🇩 165.99.30.22

🇺🇸 152.32.205.153

🇧🇬 78.128.112.30

🇨🇳 47.95.197.173

🇱🇹 45.227.254.170

🇳🇱 45.148.10.157

🇫🇷 37.58.136.133

🇺🇸 20.168.6.227

🇺🇸 20.102.134.102

🇺🇸 3.224.198.48

🇮🇹 172.253.12.152