JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.177

104.207.50.177 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.177

Whois 104.207.50.177

IP Abuse Reports for 104.207.50.177:

This IP address has been reported a total of 163 times from 25 distinct sources. 104.207.50.177 was first reported on June 6th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-12 04:24:43 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 4server	2026-04-21 14:41:53 (1 month ago)	[TueApr2116:41:50.7386612026][security2:error][pid3025238:tid3025248][client104.207.50.177:0]ModSecu ... show more [TueApr2116:41:50.7386612026][security2:error][pid3025238:tid3025248][client104.207.50.177:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"dgtime.ch\"][uri\"/backup.sql\"][unique_id\"aeeMrprE_IcxiUza34QhbgAAAAA\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 mnsf	2026-02-15 23:05:40 (4 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:40 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 myagent.site	2026-02-15 12:29:16 (4 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 TPI-Abuse	2026-02-15 12:05:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:05:32.593784 2026] [security2:error] [pid 393:tid 393] [client 104.207.50.177:23885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tijuanabible.org"] [uri "/.env.production"] [unique_id "aZG2jIOEPnCeNVP6trHGxgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:47:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:47:40.105250 2026] [security2:error] [pid 5045:tid 5045] [client 104.207.50.177:29501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "talentguard.net"] [uri "/test/.git/config"] [unique_id "aZFsDG1RXgJEWG6tsyhT6QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:54:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:54:33.803390 2026] [security2:error] [pid 22655:tid 22655] [client 104.207.50.177:16773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swindon-itf.com"] [uri "/app/.git/config"] [unique_id "aZFfmcK0n0MMf9c5QYR0lQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:24:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:24:45.518331 2026] [security2:error] [pid 23229:tid 23229] [client 104.207.50.177:59755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stricklinphotography.com"] [uri "/api/.git/config"] [unique_id "aZFKjXjH4we_CJguXeP96AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:51:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:51:29.962714 2026] [security2:error] [pid 24811:tid 24811] [client 104.207.50.177:30939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stewarttaylor.com"] [uri "/admin/.env"] [unique_id "aZFCway2QWAn2L8XSEtS6gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-02-15 03:48:52 (4 months ago)	Web vulnerability probing: /admin/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:44:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:43:55.752265 2026] [security2:error] [pid 30723:tid 30723] [client 104.207.50.177:60895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spottedeaglearts.com"] [uri "/app/.env"] [unique_id "aZEy646ws9erw8lvTJMZXwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 02:26:42 (4 months ago)	http-sensitive-files - IP: 104.207.50.177 - time="2026-02-15T03:26:42+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.50.177 - time="2026-02-15T03:26:42+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.50.177 (GB/200373) : 4h ban on Ip 104.207.50.177" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:25:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:25:38.711510 2026] [security2:error] [pid 22743:tid 22743] [client 104.207.50.177:29787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spicerreport.com"] [uri "/api/.env"] [unique_id "aZEuogf_0ZPCwvzrow5_vQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 01:28:44 (4 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 146.19.78.158

🇸🇪 104.23.221.29

🇳🇱 45.148.10.152

🇨🇳 123.232.130.144

🇨🇳 123.191.154.21

🇨🇳 115.191.40.50

🇺🇸 91.230.168.220

🇨🇳 36.133.44.233

🇻🇳 27.79.3.228

🇺🇸 20.84.145.62

🇮🇹 172.235.235.248

🇧🇷 45.205.1.244

🇮🇳 2401:4900:8911:b3e2:99e8:185c:984d:8619

🇰🇷 211.251.245.88

🇮🇷 176.65.174.13

🇨🇳 150.138.142.131

🇨🇳 111.61.175.118

🇺🇸 108.14.226.59

🇧🇩 103.129.238.247

🇨🇦 85.217.149.11