JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.114

104.207.54.114 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.114

Whois 104.207.54.114

IP Abuse Reports for 104.207.54.114:

This IP address has been reported a total of 137 times from 19 distinct sources. 104.207.54.114 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-05-30 12:16:57 (3 weeks ago)	(y4) Failed scan -byebye- from 104.207.54.114 (DE/Germany/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-28 13:18:00 (3 weeks ago)	[ns31.kdns.gr] httpd-login-spray-site: sites=ceramics-menegis.gr; logs=/var/log/httpd/domains/cerami ... show more [ns31.kdns.gr] httpd-login-spray-site: sites=ceramics-menegis.gr; logs=/var/log/httpd/domains/ceramics-menegis.gr.log; samples=site_wide=true \| distinct_ips=13 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 09:42:04 (4 weeks ago)	Wordfence waf block on secure	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:09:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:09:24.247548 2026] [security2:error] [pid 7844:tid 7844] [client 104.207.54.114:28109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "labcomputers.com"] [uri "/dev/.git/config"] [unique_id "aY7cNGzZrzC2yEoEQ2xGHwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:21:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:21:07.731651 2026] [security2:error] [pid 2405524:tid 2405524] [client 104.207.54.114:54597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kozzmik.online"] [uri "/api/.env"] [unique_id "aY7C09Br5teq4zBGWOjvFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:13:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:13:06.483428 2026] [security2:error] [pid 6414:tid 6414] [client 104.207.54.114:63273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingstoneproperties.com"] [uri "/admin/.env"] [unique_id "aY6k0k1b1lrraCJiu9J-NAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:13:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:13:32.582488 2026] [security2:error] [pid 16089:tid 16089] [client 104.207.54.114:39301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kfraser.com"] [uri "/.env.save"] [unique_id "aY6W3B9SCZN4mzWY_xZTYQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:48:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:48:06.464610 2026] [security2:error] [pid 4559:tid 4559] [client 104.207.54.114:35375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerbros.com"] [uri "/backend/.env"] [unique_id "aY6Q5sw23yIvX7I_3DfkpAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:19:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:18:54.465794 2026] [security2:error] [pid 11198:tid 11330] [client 104.207.54.114:57997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keetons.net"] [uri "/site/.git/config"] [unique_id "aY6KDmN5WYbQMelVTp6WsAAAAog"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ne1for23	2026-02-13 02:13:19 (4 months ago)	Attempting to probe for sensitive information accidently exposed via git config. 104.207.54.114 - - ... show more Attempting to probe for sensitive information accidently exposed via git config. 104.207.54.114 - - [13/Feb/2026:02:13:18 +0000] "GET /.git/config HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Hacking
🇺🇸 TPI-Abuse	2026-02-12 14:43:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 09:43:24.171648 2026] [security2:error] [pid 3754:tid 3754] [client 104.207.54.114:39605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asaint.net"] [uri "/.git/config"] [unique_id "aY3nDIwCEja9NIR4lHb_PgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 12:09:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 07:09:16.756640 2026] [security2:error] [pid 22611:tid 22611] [client 104.207.54.114:46161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edmontonwaterjet.com"] [uri "/.env.save"] [unique_id "aYxxbKegxXiamiD_EVYXcAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:17:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:17:14.295901 2026] [security2:error] [pid 26900:tid 26900] [client 104.207.54.114:30723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "convtek.com"] [uri "/api/.git/config"] [unique_id "aYuual93JDpQSJAe8V6JAQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:06:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:06:03.293477 2026] [security2:error] [pid 23370:tid 23370] [client 104.207.54.114:61933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "borzois.com"] [uri "/v2/.git/config"] [unique_id "aYtJWyDcxkeNNTaA73Y-kQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:18:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:18:30.737595 2026] [security2:error] [pid 28388:tid 28388] [client 104.207.54.114:41293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ggaccounting.services"] [uri "/frontend/.env"] [unique_id "aYrNthzIXOo6L5Aa2mdebgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 109.91.4.177

🇫🇷 91.231.89.252

🇬🇧 2a06:4880:6000::8f

🇶🇦 212.70.109.190

🇮🇳 140.238.160.152

🇮🇳 103.145.37.12

🇬🇭 102.223.92.101

🇳🇱 91.92.40.5

🇺🇸 193.3.53.11

🇺🇸 165.22.186.165

🇸🇬 101.47.8.187

🇮🇷 93.117.120.155

🇺🇸 66.132.186.211

🇧🇪 34.22.196.129

🇺🇸 23.104.75.61

🇺🇸 23.27.244.95

🇺🇸 3.219.80.71

🇭🇰 156.226.176.91

🇺🇸 147.182.179.186

🇯🇵 101.36.104.242