JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.192

104.207.50.192 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.192

Whois 104.207.50.192

IP Abuse Reports for 104.207.50.192:

This IP address has been reported a total of 141 times from 21 distinct sources. 104.207.50.192 was first reported on June 7th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Charlesiv	2026-06-03 02:13:15 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (3xK Tech GmbH) P ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (3xK Tech GmbH) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-06-03T01:38:48Z Ray ID: a05afaff99f0dc68 UA: Mozilla/5.0 (compatible; bulk-validator/1.0) show less	Bad Web Bot
Anonymous	2026-06-02 15:30:02 (5 days ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 koinkash.org	2026-05-23 01:39:42 (2 weeks ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇺🇸 lostswordfish.com	2026-05-22 20:28:03 (2 weeks ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:28:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:28:34.210925 2025] [security2:error] [pid 24977:tid 24977] [client 104.207.50.192:19161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.photoboutiqueamerica.com"] [uri "/.svn/wc.db"] [unique_id "aSaQAq6pogYeqPOXSJO6pwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 00:35:11 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:18:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:18:13.085601 2025] [security2:error] [pid 20026:tid 20026] [client 104.207.50.192:34459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.arsndetx.com"] [uri "/.git/HEAD"] [unique_id "aSZHRdH2a0O6bX7FFDk9AgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:25:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:25:31.856461 2025] [security2:error] [pid 6029:tid 6029] [client 104.207.50.192:45063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.openheartwellness.com"] [uri "/.env"] [unique_id "aST3e0p7MegR_BTvedU4RQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:29:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:28:57.143769 2025] [security2:error] [pid 22938:tid 22938] [client 104.207.50.192:11589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.socialstudiesforkids.com"] [uri "/.env"] [unique_id "aSQlWf9qC-CN7HR1aVo-zQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:46:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:46:49.468610 2025] [security2:error] [pid 26158:tid 26158] [client 104.207.50.192:10043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rescuedpekes.com"] [uri "/.svn/wc.db"] [unique_id "aSQbebEzQr8coOD6ZMu9fgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:17:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:14.668848 2025] [security2:error] [pid 3459976:tid 3459976] [client 104.207.50.192:30559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmersmutualcallaway.com"] [uri "/.git/HEAD"] [unique_id "aSQGepHyaagGVetCMvvZvAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:20:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:20:10.456591 2025] [security2:error] [pid 22148:tid 22148] [client 104.207.50.192:46847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.danproctor.com"] [uri "/.git/HEAD"] [unique_id "aSPrCkBY5LBYzh9FY2WP7AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:00:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:00:17.999361 2025] [security2:error] [pid 22224:tid 22224] [client 104.207.50.192:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abdulhameeds.art"] [uri "/.env"] [unique_id "aSPmYQ18Ke9J05dUSAJsuQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:28:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:28:21.517799 2025] [security2:error] [pid 4209:tid 4209] [client 104.207.50.192:35461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.amywoodruff.com"] [uri "/.env"] [unique_id "aSPe5Zzx-KHpJ7Z6SGfV8gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2025-10-16 13:35:43 (7 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:2000::42

🇺🇸 209.141.57.35

🇲🇽 187.190.179.127

🇮🇶 185.166.25.150

🇮🇳 182.70.243.207

🇵🇰 119.73.8.64

🇫🇷 84.6.37.132

🇷🇴 80.94.92.168

🇺🇦 176.103.7.115

🇻🇳 113.177.174.84

🇧🇩 103.154.158.70

🇺🇸 66.132.186.202

🇺🇸 48.216.244.43

🇰🇿 46.36.153.14

🇨🇳 222.245.54.61

🇨🇳 220.167.233.229

🇦🇷 179.40.112.10

🇰🇭 175.100.53.27

🇺🇸 156.232.13.218

🇭🇰 154.221.20.92