JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.141

104.207.54.141 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.141

Whois 104.207.54.141

IP Abuse Reports for 104.207.54.141:

This IP address has been reported a total of 152 times from 26 distinct sources. 104.207.54.141 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-24 20:28:41 (2 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:37:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:37:07.312324 2026] [security2:error] [pid 652:tid 652] [client 104.207.54.141:28217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paardekooper.info"] [uri "/app/.git/config"] [unique_id "aZGv46zr1_c4qZwIImZ-GQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 07:05:16 (3 months ago)	Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:40:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:40:26.920595 2026] [security2:error] [pid 689:tid 689] [client 104.207.54.141:60565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oposicionesyconcursos.es"] [uri "/.env.save"] [unique_id "aZFqWsgn7l6UA8ytnWTC6wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:57:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:57:34.460333 2026] [security2:error] [pid 15142:tid 15142] [client 104.207.54.141:12403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schlegelcreative.com"] [uri "/.env.production"] [unique_id "aZFgTmzFKnoO-DTnYMFpsQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 04:59:06 (3 months ago)	Bot / scanning and/or hacking attempts: GET /app/.env HTTP/1.1, GET /api/.env HTTP/1.1, GET /.env.st ... show more Bot / scanning and/or hacking attempts: GET /app/.env HTTP/1.1, GET /api/.env HTTP/1.1, GET /.env.staging HTTP/1.1, GET /.env.production HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env.save HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:15:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:15:44.290153 2026] [security2:error] [pid 16492:tid 16492] [client 104.207.54.141:27583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nrvoutdoors.com"] [uri "/app/.env"] [unique_id "aZFIcFWtsVyPA__Ea1pTTAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:00:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:00:02.438914 2026] [security2:error] [pid 22106:tid 22183] [client 104.207.54.141:49247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "potashbarn.com"] [uri "/admin/.git/config"] [unique_id "aZFEwshSZQInS4HdHIcAUQAAAZA"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 IROK	2026-02-15 02:51:27 (3 months ago)	Firewall Blocked - Unauthorized Port Scanning ...	Port Scan
🇮🇩 Burayot	2026-02-15 02:35:34 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.54.141 (DE/Germany/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.54.141 (DE/Germany/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:29:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:29:42.663650 2026] [security2:error] [pid 2168:tid 2179] [client 104.207.54.141:38011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nextlevelpsych.com"] [uri "/.git/config"] [unique_id "aZEvlrFwGIsX64Wb-80SPAAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:04:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:04:14.595170 2026] [security2:error] [pid 191790:tid 191790] [client 104.207.54.141:9343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pjbruner.com"] [uri "/.git/config"] [unique_id "aZEpntMXC7zJeoff_V8F9QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:33:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:33:46.651009 2026] [security2:error] [pid 21234:tid 21234] [client 104.207.54.141:50131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorder.us"] [uri "/config/.env"] [unique_id "aZEiemuSB8MHmK8Gj4N7YAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 01:01:53 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:56:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:55:55.771023 2026] [security2:error] [pid 19213:tid 19213] [client 104.207.54.141:21099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photogreetingcardsonline.com"] [uri "/.git/config"] [unique_id "aZEZmxcBuRm7jkyXeLfpEAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.189.138

🇩🇪 185.249.74.198

🇨🇳 180.153.236.238

🇸🇪 171.25.158.58

🇻🇳 112.137.143.2

🇨🇳 81.70.149.60

🇩🇪 69.5.169.65

🇸🇬 47.79.201.198

🇳🇱 45.148.10.151

🇩🇪 31.76.27.231

🇲🇽 201.103.214.31

🇮🇳 168.144.85.110

🇨🇳 124.160.173.22

🇳🇱 104.23.168.43

🇳🇱 93.123.109.114

🇱🇹 77.90.185.80

🇸🇬 47.79.206.138

🇳🇱 45.148.10.230

🇳🇱 45.148.10.183

🇨🇳 221.235.197.129