JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.187

104.207.50.187 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.187

Whois 104.207.50.187

IP Abuse Reports for 104.207.50.187:

This IP address has been reported a total of 136 times from 15 distinct sources. 104.207.50.187 was first reported on June 14th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-21 05:47:59 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 sefinek.net	2026-02-20 21:06:44 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 13:49:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:49:12.534671 2026] [security2:error] [pid 7414:tid 7414] [client 104.207.50.187:15395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindtoken.app"] [uri "/backup/.git/config"] [unique_id "aY8r2AZ5E-FHt02_mi0CoAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:29:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:29:31.039290 2026] [security2:error] [pid 32629:tid 32754] [client 104.207.50.187:38287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millievelasco.com"] [uri "/api/.env"] [unique_id "aY8nO9OSUObTgb48jp-ekgAAAhM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:08:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:08:35.637526 2026] [security2:error] [pid 5217:tid 5217] [client 104.207.50.187:46555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeberro.com"] [uri "/config/.env"] [unique_id "aY8iU6Yg-QeIl5wZnAwhOQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:03:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:03:35.205816 2026] [security2:error] [pid 2584425:tid 2584425] [client 104.207.50.187:55505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "memelearning.net"] [uri "/.git/config"] [unique_id "aY7a103s4fsK4t6W_H8KkQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:35:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:35:35.014480 2026] [security2:error] [pid 3964:tid 3964] [client 104.207.50.187:18047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mehlerproperties.com"] [uri "/site/.git/config"] [unique_id "aY7URzg-s7t1yipgb9k4fwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:18:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:51.238531 2026] [security2:error] [pid 29282:tid 29282] [client 104.207.50.187:24841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matteozacchino.dev"] [uri "/backup/.git/config"] [unique_id "aY60O20xkhXO28e17yLhjAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:59:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:59:20.917524 2026] [security2:error] [pid 1908033:tid 1908072] [client 104.207.50.187:35219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mastersofthesecrets.com"] [uri "/new/.git/config"] [unique_id "aY6vqE7msqS-ZlYUbK7WNAAAAYE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:45:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:45:30.709397 2026] [security2:error] [pid 2198331:tid 2198331] [client 104.207.50.187:56589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maritanasystems.com"] [uri "/dev/.git/config"] [unique_id "aY6eWqQKczrrMHxDGe54DAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:22:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:22:09.864085 2026] [security2:error] [pid 15551:tid 15551] [client 104.207.50.187:46713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davisound.com"] [uri "/.env"] [unique_id "aY4MQa-q_JU60gyPYKDbOgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:06:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:06:26.573267 2026] [security2:error] [pid 29381:tid 29381] [client 104.207.50.187:50595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "disabilitiesdespair.com"] [uri "/.git/config"] [unique_id "aY36gpHGFu-ixiGpIOetDAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 00:35:20 (4 months ago)	104.207.50.187 - - [12/Feb/2026:00:35:19 +0000] "GET /app/.env HTTP/1.1" 302 3409 "-" "Mozilla/5.0 ( ... show more 104.207.50.187 - - [12/Feb/2026:00:35:19 +0000] "GET /app/.env HTTP/1.1" 302 3409 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-07 13:25:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 mrcrassi	2025-12-02 08:16:34 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.167.233.45

🇰🇷 220.80.221.68

🇹🇷 188.59.90.54

🇳🇱 185.93.89.10

🇺🇸 172.202.117.171

🇩🇪 130.12.180.58

🇸🇪 104.222.173.197

🇩🇪 69.5.169.150

🇺🇸 24.148.120.2

🇸🇪 13.62.136.70

🇧🇪 198.235.24.253

🇱🇹 81.30.98.144

🇩🇪 69.5.169.205

🇺🇸 48.214.144.31

🇰🇭 36.37.134.67

🇨🇳 27.17.182.115

🇺🇸 20.127.185.37

🇺🇸 20.65.217.91

🇸🇪 13.50.226.189

🇩🇪 167.94.146.50