JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.24

104.207.45.24 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.24

Whois 104.207.45.24

IP Abuse Reports for 104.207.45.24:

This IP address has been reported a total of 125 times from 34 distinct sources. 104.207.45.24 was first reported on June 7th 2024, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-14 19:15:14 (22 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-09 13:07:12 (6 days ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2026-05-11 23:22:10 (1 month ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.45.24 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.45.24 2026-05-11 20:48:31 / 2026-05-11 20:52:45 / 2026-05-11 20:36:31 / show less	Web App Attack
🇺🇸 factor1	2026-03-27 08:10:04 (2 months ago)	Fail2ban at atlas Reports Abuse.	Bad Web Bot
Anonymous	2026-03-23 08:45:15 (2 months ago)	"GET /wp-login.php HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:33:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:33:51.721021 2026] [security2:error] [pid 786850:tid 786873] [client 104.207.45.24:27611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "quetzalcoatl2012.net"] [uri "/admin/.env"] [unique_id "aZG9L-l4D30lxioNoxLmIQAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 12:30:38 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:50:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:50:10.204962 2026] [security2:error] [pid 7940:tid 7940] [client 104.207.45.24:54549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "serconpri.com"] [uri "/test/.git/config"] [unique_id "aZGy8hdAS7ltKpFemzIM6AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 11:05:47 (4 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:30:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:30:50.400065 2026] [security2:error] [pid 4366:tid 4366] [client 104.207.45.24:9741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scottwithers.net"] [uri "/.env.production"] [unique_id "aZFoGrOVSiW36da1HxcedQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Martlark	2026-02-15 06:29:33 (4 months ago)	Flask-IPban - exploit URL requested:/config/.env	Web App Attack
🇩🇪 gadix	2026-02-15 05:21:49 (4 months ago)	[15/Feb/2026:06:21:48.021176 +0100] aZFX7Nfk7Z4Z5gLC1LbiwAAAAFE 104.207.45.24 52060 127.0.0.1 7081 [ ... show more [15/Feb/2026:06:21:48.021176 +0100] aZFX7Nfk7Z4Z5gLC1LbiwAAAAFE 104.207.45.24 52060 127.0.0.1 7081 [15/Feb/2026:06:21:48.480016 +0100] aZFX7H18zuAUuYzRJMg3wAAAAII 104.207.45.24 52076 127.0.0.1 7081 [15/Feb/2026:06:21:48.933788 +0100] aZFX7H18zuAUuYzRJMg3wQAAAI4 104.207.45.24 52082 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:49:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:49:11.077427 2026] [security2:error] [pid 11821:tid 11821] [client 104.207.45.24:20005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanvicentedelraspeig.com"] [uri "/config/.env"] [unique_id "aZFQRyFpucp1XUdcw4-CRgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:44:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:44:25.231957 2026] [security2:error] [pid 6707:tid 6707] [client 104.207.45.24:60939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noreservationslocations.com"] [uri "/v2/.git/config"] [unique_id "aZFBGb6cSfvh1OPf7HSx1gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:11:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:11:51.192713 2026] [security2:error] [pid 21616:tid 21616] [client 104.207.45.24:18961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "njoyquilts.com"] [uri "/app/.git/config"] [unique_id "aZE5d47kGdTw76LsHxXDjgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇲🇽 201.142.175.59

🇺🇸 162.216.150.15

🇳🇱 89.248.163.200

🇵🇱 195.3.223.157

🇸🇬 152.42.240.74

🇧🇷 129.121.50.245

🇨🇳 39.171.197.82

🇮🇳 34.14.214.227

🇩🇪 167.94.146.61

🇺🇸 161.35.232.196

🇫🇷 91.196.152.218

🇳🇱 45.198.224.12

🇺🇸 216.158.231.26

🇮🇳 192.178.119.27

🇺🇸 152.32.150.7

🇺🇸 74.87.117.149

🇨🇳 61.136.172.172

🇧🇷 45.205.1.70

🇧🇷 20.197.176.198