JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.41

104.207.54.41 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.41

Whois 104.207.54.41

IP Abuse Reports for 104.207.54.41:

This IP address has been reported a total of 139 times from 14 distinct sources. 104.207.54.41 was first reported on June 21st 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-02 06:42:16 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.54.41 (DE/Germany/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.54.41 (DE/Germany/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-03-30 06:06:57 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.54.41 (DE/Germany/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.54.41 (DE/Germany/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇪🇸 librebit	2026-03-29 02:01:44 (2 months ago)	Brute force	Brute-Force
🇩🇪 Bedios GmbH	2026-02-09 13:10:48 (4 months ago)	SQL backup theft attempt	Hacking
🇺🇸 TPI-Abuse	2025-12-10 00:45:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 19:44:57.961514 2025] [security2:error] [pid 4774:tid 4774] [client 104.207.54.41:41045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juyla.com"] [uri "/.git/HEAD"] [unique_id "aTjCiXiBwuoCR94XmjhqRAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 06:25:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 01:25:38.760897 2025] [security2:error] [pid 10321:tid 10321] [client 104.207.54.41:43171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gacstoday.com"] [uri "/.env"] [unique_id "aTZvYunniE7YKNjxYM-DwgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 20:42:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 15:42:02.666816 2025] [security2:error] [pid 5730:tid 5730] [client 104.207.54.41:47431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manmadegulliblewarming.com"] [uri "/.env"] [unique_id "aTXmmviJ6lM22ncdj6d5TAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 17:17:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 12:17:53.024933 2025] [security2:error] [pid 10735:tid 10735] [client 104.207.54.41:24491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "countylockup.org"] [uri "/.git/HEAD"] [unique_id "aTW2wWHIInIbvnlDTB2xYgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:55:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:55:37.795425 2025] [security2:error] [pid 19077:tid 19077] [client 104.207.54.41:27485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "splashstation.org"] [uri "/.env"] [unique_id "aTWjeV8WqiGUN5yW8z9y2wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:08:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:08:16.575517 2025] [security2:error] [pid 25856:tid 25856] [client 104.207.54.41:40875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adona.org"] [uri "/.git/HEAD"] [unique_id "aTVuMNuKY2YWYyF5xyK9EgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:14:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:14:33.393928 2025] [security2:error] [pid 15205:tid 15205] [client 104.207.54.41:48437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flugstad.net"] [uri "/.env"] [unique_id "aTRWacdBVhw1MR_xZKnmFwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 06:30:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 01:30:36.870825 2025] [security2:error] [pid 2590:tid 2590] [client 104.207.54.41:28845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futurbike.it"] [uri "/.svn/wc.db"] [unique_id "aTPNjJKjpaEod4yB97otXgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-05 21:40:03 (6 months ago)	104.207.54.41 - - [05/Dec/2025:21:40:02 +0000] "GET /.env HTTP/1.1" 302 437 "-" "Mozilla/5.0 (Window ... show more 104.207.54.41 - - [05/Dec/2025:21:40:02 +0000] "GET /.env HTTP/1.1" 302 437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:52:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:52:26.749688 2025] [security2:error] [pid 12906:tid 12906] [client 104.207.54.41:13471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lighthousegive.com"] [uri "/.svn/wc.db"] [unique_id "aTKPOv1Beuz8QvrDotLuFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:04:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:04:18.685619 2025] [security2:error] [pid 14756:tid 14756] [client 104.207.54.41:41035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stricklinranch.com"] [uri "/.git/HEAD"] [unique_id "aTJLsortBLKcBIO8ejfM2wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.109

🇦🇷 190.244.39.224

🇨🇳 59.38.131.149

🇨🇳 36.135.103.30

🇨🇳 223.85.102.138

🇨🇴 201.244.45.234

🇫🇮 178.20.210.185

🇺🇸 140.235.168.121

🇩🇪 95.90.13.168

🇮🇶 65.20.217.64

🇲🇾 49.124.152.35

🇺🇸 44.16.33.123

🇺🇸 44.0.178.242

🇻🇳 14.231.92.22

🇪🇸 196.196.150.5

🇧🇷 177.129.252.53

🇨🇳 123.57.252.201

🇵🇹 109.50.185.153

🇩🇪 87.106.38.213

🇧🇬 79.124.62.126