JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.207.132.24

109.207.132.24 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 43%: ?

43%

ISP	Welt-Net Broadband
Usage Type	Data Center/Web Hosting/Transit
ASN	AS50835
Domain Name	welt-net.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.207.132.24

Whois 109.207.132.24

IP Abuse Reports for 109.207.132.24:

This IP address has been reported a total of 28 times from 9 distinct sources. 109.207.132.24 was first reported on June 11th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-17 12:13:51 (1 week ago)	GET /.vscode/sftp.json HTTP/1.1	Hacking Web App Attack
🇫🇮 inlink.ltd	2026-06-17 02:15:55 (1 week ago)	dot file probe	Web App Attack
🇬🇧 Oakley	2026-06-17 00:09:31 (1 week ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇺🇸 TPI-Abuse	2026-06-16 23:57:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:57:45.404600 2026] [security2:error] [pid 27841:tid 27841] [client 109.207.132.24:59572] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tiffanyshouses.com"] [uri "/sftp-config.json"] [unique_id "ajHi-b--8yfMToPxre0Z2QAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 robinwolff	2026-06-16 21:55:46 (1 week ago)		Web App Attack Hacking
🇨🇭 4server	2026-06-16 21:27:53 (1 week ago)	[TueJun1623:27:50.0133352026][security2:error][pid1888583:tid1888773][client109.207.132.24:0]ModSecu ... show more [TueJun1623:27:50.0133352026][security2:error][pid1888583:tid1888773][client109.207.132.24:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"ticino-host.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"ajG_1puVnafKAQwHwHrEQAAAAMY\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 18:55:48 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:55:41.237812 2026] [security2:error] [pid 23258:tid 23258] [client 109.207.132.24:41578] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thrudheim.org"] [uri "/sftp-config.json"] [unique_id "ajGcLVYrPokJzQkkJGSnygAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 16:17:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 12:17:13.815499 2026] [security2:error] [pid 24655:tid 24655] [client 109.207.132.24:27602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thongtracker.com"] [uri "/sftp-config.json"] [unique_id "ajF3CTztdDiCVleWr4Tq6QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-14 07:12:16 (2 weeks ago)	Deploy Config Probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 05:56:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:56:51.402521 2026] [security2:error] [pid 22331:tid 22331] [client 109.207.132.24:41988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cressyvideo.com"] [uri "/sftp-config.json"] [unique_id "ai5Co8uvnvYnp5juP-Qc6gAAAIc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 05:25:12 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:25:08.985702 2026] [security2:error] [pid 13253:tid 13253] [client 109.207.132.24:5188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crescentcitycafe.com"] [uri "/sftp-config.json"] [unique_id "ai47NOSHy3DcVTwuoslJMwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:18:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:18:51.518121 2026] [security2:error] [pid 9472:tid 9485] [client 109.207.132.24:52502] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-protector.com"] [uri "/sftp-config.json"] [unique_id "ai4Pi86eVvrpL7HekUthUwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 19:50:51 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:50:44.636517 2026] [security2:error] [pid 3972:tid 3972] [client 109.207.132.24:10024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crearcuestionarios.com"] [uri "/sftp-config.json"] [unique_id "ai20lNM-o5ZQtNaEDmiqVwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:57:00 (2 weeks ago)	(mod_security) mod_security (id:210580) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210580) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:56:53.372674 2026] [security2:error] [pid 14107:tid 14107] [client 109.207.132.24:10908] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|cpking.com\|F\|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/conceptionsflorida.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "cpking.com"] [uri "/.vscode/sftp.json"] [unique_id "ai0bVYE2tbaNjE3dV1bKowAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 22:34:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 18:34:50.096795 2026] [security2:error] [pid 31619:tid 31619] [client 109.207.132.24:63514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cougarcrusade.com"] [uri "/sftp-config.json"] [unique_id "aiyJilgZqPerC2TW2z_0zwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.108

🇩🇪 194.88.98.108

🇷🇴 193.46.255.86

🇻🇪 186.91.207.203

🇷🇺 176.193.239.34

🇳🇱 176.65.149.55

🇮🇳 106.192.108.231

🇩🇪 69.5.169.18

🇸🇬 47.84.134.69

🇺🇸 13.86.105.19

🇨🇳 183.191.191.110

🇺🇸 143.42.1.84

🇮🇳 117.247.48.117

🇺🇸 20.118.248.174

🇷🇴 2a01:9580:8409:2:9999::199

🇺🇸 209.141.34.121

🇮🇳 202.53.94.246

🇧🇷 189.15.10.179

🇫🇮 178.20.210.208

🇦🇲 176.32.193.16