JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.124

104.207.57.124 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.124

Whois 104.207.57.124

IP Abuse Reports for 104.207.57.124:

This IP address has been reported a total of 162 times from 25 distinct sources. 104.207.57.124 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-05-17 06:10:26 (2 weeks ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇬🇧 PeravixGroup	2026-05-07 11:55:17 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 05:48:52 (4 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-06 13:39:46 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇫🇷 dynamix	2026-02-13 08:11:48 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:46:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:46:18.969976 2026] [security2:error] [pid 2391999:tid 2391999] [client 104.207.57.124:47407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristinmoore.com"] [uri "/backup/.git/config"] [unique_id "aY7IuugPv-7c_Za_YrMOmAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 06:03:14 (3 months ago)	Try to access /backup/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:00:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:00:50.993750 2026] [security2:error] [pid 1230:tid 1230] [client 104.207.57.124:63307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koolcoastalnights.com"] [uri "/.env.production"] [unique_id "aY6-Egt123DllBNM7pLrCAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:26:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:26:02.726600 2026] [security2:error] [pid 13276:tid 13276] [client 104.207.57.124:29091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knoxvillelimos.com"] [uri "/backend/.env"] [unique_id "aY616lSU8Y6QxoJHcXCa4AAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 05:06:53 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:46:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:46:46.083701 2026] [security2:error] [pid 28422:tid 28422] [client 104.207.57.124:55851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killeramps.com"] [uri "/admin/.git/config"] [unique_id "aY6epmZl6H_BSdWoXzVaOgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-02-13 01:04:29 (3 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-12 15:50:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:49:54.952139 2026] [security2:error] [pid 5085:tid 5085] [client 104.207.57.124:55085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bilund.com"] [uri "/.git/config"] [unique_id "aY32omwmzg-GvOXt0UgQ9QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:22:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:19:43.513803 2026] [security2:error] [pid 19536:tid 19536] [client 104.207.57.124:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barryherbach.com"] [uri "/.git/config"] [unique_id "aY3vj2wL75LZECOyUF71rAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 216.226.76.10

🇯🇵 180.51.40.47

🇨🇦 85.217.149.40

🇫🇷 85.217.140.39

🇺🇸 50.87.144.79

🇨🇴 45.179.200.156

🇳🇱 45.148.10.34

🇳🇱 34.6.128.242

🇷🇴 2.57.122.177

🇭🇰 199.45.154.184

🇧🇪 198.235.24.207

🇧🇷 186.207.60.199

🇲🇰 185.193.240.246

🇬🇧 172.71.26.38

🇺🇸 143.42.173.60

🇺🇸 104.23.251.88

🇹🇭 102.129.138.199

🇺🇸 54.86.44.65

🇸🇬 47.84.180.235

🇧🇪 34.79.3.251