JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.124

104.207.40.124 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.124

Whois 104.207.40.124

IP Abuse Reports for 104.207.40.124:

This IP address has been reported a total of 144 times from 24 distinct sources. 104.207.40.124 was first reported on June 4th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ps-center	2025-12-29 20:03:33 (5 months ago)	DIS: Web Attack GET /wp-config.php.save	Web Spam Hacking Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:56 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 masterguru	2025-12-14 12:28:55 (5 months ago)	Restricted File Access Attempt. Matched phrase "wp-config.php" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:50:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:50:30.081341 2025] [security2:error] [pid 16893:tid 16893] [client 104.207.40.124:37129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genevainvestors.com"] [uri "/.svn/wc.db"] [unique_id "aSjHpsoyNI0X1BzCPiYHTwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:20:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:20:34.985987 2025] [security2:error] [pid 32083:tid 32096] [client 104.207.40.124:52495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tmsx2.com"] [uri "/.svn/wc.db"] [unique_id "aSbigkswSQfOe5OvGk0ymgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:42:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:42:27.972227 2025] [security2:error] [pid 8501:tid 8501] [client 104.207.40.124:49281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.macfeirie.com"] [uri "/.env"] [unique_id "aSbLgwttWABMT95pNxP3HQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:57:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:57:30.280180 2025] [security2:error] [pid 24597:tid 24597] [client 104.207.40.124:25357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.idodat.com"] [uri "/.env"] [unique_id "aSbA-vg8j7PuO1QUdBZ4NAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:59:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:59:02.846091 2025] [security2:error] [pid 19743:tid 19743] [client 104.207.40.124:22855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.madisonworkshopwest.com"] [uri "/.env"] [unique_id "aSaXJprYYzKTwulFgZ8PrgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:03:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:03:53.623499 2025] [security2:error] [pid 20491:tid 20491] [client 104.207.40.124:50415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "market1st.bridgital.com"] [uri "/.git/HEAD"] [unique_id "aSZR-R1Ga9FBg46y4oQk0AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:02:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:02:03.243296 2025] [security2:error] [pid 25521:tid 25521] [client 104.207.40.124:43151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.xcengineering.xyz"] [uri "/.svn/wc.db"] [unique_id "aSZDe0bCi1tqhsKAVUs2DAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:11:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:10:44.757270 2025] [security2:error] [pid 21168:tid 21168] [client 104.207.40.124:56623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gilcaro.com"] [uri "/.svn/wc.db"] [unique_id "aSQTBCiRwqGbljiWJugKpQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:22:19 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 13:55:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 08:55:13.250030 2025] [security2:error] [pid 19110:tid 19110] [client 104.207.40.124:10497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hatfulofrain.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRXjQUk-b7-4D-SkOk279wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-07 15:26:10 (6 months ago)	wordpress-trap	Web App Attack
🇨🇦 wil.com	2025-10-17 13:43:20 (7 months ago)	GlobalProtect login attempts with user malcolmc.	VPN IP Brute-Force

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇻 185.113.139.51

🇨🇳 171.116.47.24

🇫🇷 75.119.156.116

🇺🇸 23.254.178.52

🇹🇼 198.235.24.69

🇲🇽 187.174.238.116

🇫🇷 185.177.72.100

🇵🇰 153.117.7.13

🇩🇪 151.243.11.35

🇮🇳 143.110.186.36

🇵🇾 138.59.224.80

🇨🇳 112.65.211.88

🇭🇰 101.36.111.119

🇳🇱 45.148.10.240

🇦🇹 45.95.243.5

🇳🇱 45.8.17.11

🇳🇱 45.8.17.8

🇬🇧 35.203.210.100

🇷🇴 2.57.121.25

🇧🇪 198.235.24.204