JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 208.84.100.114

208.84.100.114 was found in our database!

This IP was reported 361 times. Confidence of Abuse is 100%: ?

100%

ISP	Fro LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	fro.email
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 208.84.100.114

Whois 208.84.100.114

IP Abuse Reports for 208.84.100.114:

This IP address has been reported a total of 361 times from 183 distinct sources. 208.84.100.114 was first reported on May 21st 2026, and the most recent report was 5 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 08:12:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 04:12:36.795276 2026] [security2:error] [pid 21519:tid 21519] [client 208.84.100.114:53980] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bairentang.org"] [uri "/.env.production.copy"] [unique_id "ahAP9KTR2IE-JOieidSlMwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 07:55:45 (1 week ago)	(caddyscan) Scanner path probe from 208.84.100.114 (US/United States/-): 5 in the last 3600 secs; Po ... show more (caddyscan) Scanner path probe from 208.84.100.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:07:55:41 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:07:55:42 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:07:55:42 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:07:55:42 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:07:55:42 +0000] "GET /.env.production HTTP/1.1" show less	Port Scan
🇦🇺 AWW-Admin	2026-05-22 07:34:15 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 208.84.100.114 (US/United States/-)	SQL Injection
🇺🇸 walnuts	2026-05-22 07:04:33 (1 week ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-22 07:04:16 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 05:57:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 01:57:23.517915 2026] [security2:error] [pid 22613:tid 22613] [client 208.84.100.114:22610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.phillatwood.com"] [uri "/.env.production~"] [unique_id "ag_wQ5LjUfezmmSgfj3lzAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 AetherFox	2026-05-22 05:21:39 (1 week ago)	AetherFox VoidGuard detected: [Fri May 22 05:21:39.503202 2026] [authz_core:error] [pid 1094616:tid ... show more AetherFox VoidGuard detected: [Fri May 22 05:21:39.503202 2026] [authz_core:error] [pid 1094616:tid 1094669] [client 208.84.100.114:64248] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/.env.production [Fri May 22 05:21:39.503494 2026] [authz_core:error] [pid 1094616:tid 1094669] [client 208.84.100.114:64248] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Fri May 22 05:21:39.507088 2026] [authz_core:error] [pid 1094615:tid 1094655] [client 208.84.100.114:64230] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/app/.env [Fri May 22 05:21:39.507307 2026] [authz_core:error] [pid 1094615:tid 1094655] [client 208.84.100.114:64230] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Fri May 22 05:21:39.510149 2026] [authz_core:error] [pid 1094616:tid 1094665] [client 208.84.100.114:64254] ... show less	Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-05-22 04:28:49 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇸🇪 vaia.cloud	2026-05-22 03:49:01 (1 week ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
🇳🇱 e.fierstra	2026-05-22 03:47:45 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
Anonymous	2026-05-22 03:14:25 (1 week ago)	(caddyscan) Scanner path probe from 208.84.100.114 (US/United States/-): 5 in the last 3600 secs; Po ... show more (caddyscan) Scanner path probe from 208.84.100.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:03:14:22 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:03:14:22 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:03:14:22 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:03:14:22 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 208.84.100.114 - - [22/May/2026:03:14:22 +0000] "GET /backend/.env HTTP/1.1" show less	Port Scan
🇦🇺 aranguren.org	2026-05-22 03:05:47 (1 week ago)	208.84.100.114 - - [22/May/2026:13:05:43 +1000] "GET /.env.production.copy HTTP/1.1" 404 993 "-" "Mo ... show more 208.84.100.114 - - [22/May/2026:13:05:43 +1000] "GET /.env.production.copy HTTP/1.1" 404 993 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 208.84.100.114 - - [22/May/2026:13:05:46 +1000] "GET /.env~ HTTP/1.1" 404 993 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Mobile/15E148 Safari/604.1" 208.84.100.114 - - [22/May/2026:13:05:46 +1000] "GET /.env.bak HTTP/1.1" 404 993 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" 208.84.100.114 - - [22/May/2026:13:05:46 +1000] "GET /.git/logs/HEAD HTTP/1.1" 404 993 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:149.0) Gecko/20100101 Firefox/149.0" 208.84.100.114 - - [22/May/2026:13:05:46 +1000] "GET /.git/refs/heads/master HTTP/1.1" 404 993 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 208.84.100 ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-22 02:49:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 208.84.100.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 22:49:47.775943 2026] [security2:error] [pid 9629:tid 9629] [client 208.84.100.114:38946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.stpetersplayers.co.uk"] [uri "/.env.backup"] [unique_id "ag_ES3N6E9QJDQjt0PXigQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 02:11:05 (1 week ago)	208.84.100.114 - - [22/May/2026:04:10:59 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 ... show more 208.84.100.114 - - [22/May/2026:04:10:59 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇧 andypiper	2026-05-22 01:00:37 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack

Showing 316 to 330 of 361 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.202.112.85

🇨🇳 121.40.47.123

🇷🇴 2.57.121.25

🇺🇸 207.90.244.10

🇮🇹 178.249.211.70

🇧🇷 168.195.233.144

🇺🇸 66.132.195.51

🇺🇸 66.132.186.220

🇳🇱 45.148.10.183

🇩🇪 45.135.140.4

🇸🇬 43.153.204.181

🇬🇧 35.203.210.208

🇺🇸 34.85.158.5

🇺🇸 20.127.195.188

🇯🇵 20.63.210.3

🇫🇷 13.106.134.79

🇳🇱 195.178.110.30

🇨🇳 182.244.0.150

🇮🇳 182.95.48.122

🇨🇳 180.184.142.135