JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.115

104.207.50.115 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.115

Whois 104.207.50.115

IP Abuse Reports for 104.207.50.115:

This IP address has been reported a total of 133 times from 16 distinct sources. 104.207.50.115 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-05 15:57:01 (1 month ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-24 04:41:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 23:41:06.211922 2026] [security2:error] [pid 28136:tid 28136] [client 104.207.50.115:30191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "al-harbi.com"] [uri "/.git/config"] [unique_id "aZ0r4poptAPRS8ThNldz8AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 15:03:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 10:03:35.906680 2026] [security2:error] [pid 21431:tid 21431] [client 104.207.50.115:42063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dreamssoldhere.creareformis.com"] [uri "/.git/config"] [unique_id "aZxsRy2XHIu3YH_2wqTUTgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 09:30:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 04:30:44.002528 2026] [security2:error] [pid 2484:tid 2484] [client 104.207.50.115:12787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinedigitalsuperstore.banis-associates.com"] [uri "/.git/config"] [unique_id "aZweRPV2-QxVdCfhRQ9GRAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 ciccio diddo	2026-02-12 20:09:16 (3 months ago)	CMS/WP Exploit xmlrpc port:Tcp/80,443	Brute-Force Web App Attack
🇩🇪 stinpriza	2026-02-08 16:34:05 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 07:02:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:02:42.897743 2026] [security2:error] [pid 66646:tid 66757] [client 104.207.50.115:59757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alexidevilliers.cynosureinternetservices.com"] [uri "/.env"] [unique_id "aWs0Em9MRXKGrYfAFBLJBAAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 05:13:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:13:55.979661 2026] [security2:error] [pid 31547:tid 31554] [client 104.207.50.115:60903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.emehache.com"] [uri "/.env"] [unique_id "aWsak4dyI17sIdhlhtH2wAAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-01-17 00:47:52 (4 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 22:40:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 17:40:03.274428 2026] [security2:error] [pid 10781:tid 10781] [client 104.207.50.115:9893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.aviil.com"] [uri "/.env"] [unique_id "aWq-Q3ybgsEY9AUc0kb-rgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 19:21:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 14:21:21.103347 2026] [security2:error] [pid 17479:tid 17479] [client 104.207.50.115:31335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.egelfitness.nl"] [uri "/.env"] [unique_id "aWqPsc8CbqL5fc20N1eZJgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 18:39:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 13:39:44.244815 2026] [security2:error] [pid 3631:tid 3631] [client 104.207.50.115:44187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.austingrammer.com"] [uri "/.env"] [unique_id "aWqF8KShR3PwHugfH4uG0wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 10:03:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 05:03:10.234838 2026] [security2:error] [pid 18368:tid 18368] [client 104.207.50.115:40057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sargous.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aWoM3kVEw_C1Dh7F3rFrpgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.103

🇫🇷 91.231.89.150

🇬🇧 217.154.38.181

🇺🇸 66.132.172.236

🇺🇸 20.163.15.173

🇭🇰 199.45.154.187

🇬🇧 193.163.125.108

🇨🇳 182.242.168.6

🇮🇳 182.79.218.164

🇺🇸 172.202.118.19

🇮🇩 124.40.252.3

🇫🇷 86.236.56.222

🇱🇹 81.30.98.158

🇺🇸 66.132.186.242

🇺🇸 35.254.62.21

🇷🇴 2.57.122.177

🇺🇸 209.250.5.29

🇭🇰 199.45.155.96

🇩🇪 185.242.3.231

🇺🇸 172.203.134.70