JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.24

104.207.37.24 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.24

Whois 104.207.37.24

IP Abuse Reports for 104.207.37.24:

This IP address has been reported a total of 77 times from 14 distinct sources. 104.207.37.24 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 04:55:41 (2 weeks ago)	Brute force	Brute-Force
🇦🇺 MAGIC	2026-05-08 01:07:34 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 Site.eu	2026-05-06 14:34:30 (4 weeks ago)	Excessive 404/403 errors	Brute-Force
🇧🇪 cmbplf	2026-05-06 07:41:24 (4 weeks ago)	517 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 nowyouknow	2026-03-03 15:48:41 (3 months ago)	(From [email protected]) No experience is necessary and full training is provided. But before ... show more (From [email protected]) No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-02-09 21:37:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:37:15.280255 2026] [security2:error] [pid 11482:tid 11482] [client 104.207.37.24:52411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garnersystems.com"] [uri "/.env.save"] [unique_id "aYpTixw7iKlY1RGr4VTn7gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:10:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:10:04.944221 2026] [security2:error] [pid 7810:tid 7810] [client 104.207.37.24:9435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gapanda.com"] [uri "/api/.env"] [unique_id "aYpNLMPIpl6KjP2jDGO1kAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 16:17:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 11:17:20.806515 2026] [security2:error] [pid 4281:tid 4281] [client 104.207.37.24:49763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/.env.save"] [unique_id "aYoIkFDyNRvbm6bqdL2A7AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:23:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:23:37.534493 2026] [security2:error] [pid 30899:tid 30899] [client 104.207.37.24:10839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futureproductionsonline.com"] [uri "/.env.save"] [unique_id "aYmLeVSTx6NzmXN3USdqsgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:44:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:44:35.984739 2026] [security2:error] [pid 11849:tid 11849] [client 104.207.37.24:54437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "funkerecords.com"] [uri "/app/.env"] [unique_id "aYl0QwVxixBQ3B0Oz8U0GgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 07:41:58 (6 months ago)	botnet	DDoS Attack
🇩🇪 iNetWorker	2025-11-25 07:01:45 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:49:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:48:50.031533 2025] [security2:error] [pid 13942:tid 14043] [client 104.207.37.24:41415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.conservativedemocrat.com"] [uri "/.env"] [unique_id "aSQN4g9TCbHXOd9uq_fLnwAAAdY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:55:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:55:31.569014 2025] [security2:error] [pid 921:tid 921] [client 104.207.37.24:53315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rememberingjohnhanson.com"] [uri "/.svn/wc.db"] [unique_id "aSPlQy-a3_lRPOu-haeNrgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 09:44:15 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.127

🇺🇸 147.185.132.126

🇩🇪 130.12.181.103

🇺🇸 100.51.6.16

🇮🇷 94.101.184.145

🇳🇱 89.190.156.8

🇧🇬 78.128.113.74

🇧🇷 45.205.1.244

🇭🇰 223.197.178.95

🇬🇧 217.146.80.107

🇺🇸 216.73.160.131

🇩🇪 202.71.141.170

🇳🇱 202.71.14.42

🇺🇸 166.62.41.26

🇵🇱 95.214.53.196

🇷🇴 80.94.92.186

🇺🇸 64.94.159.250

🇺🇦 46.98.123.251

🇳🇱 45.94.31.112

🇬🇧 35.203.211.99