JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.204

104.207.50.204 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.204

Whois 104.207.50.204

IP Abuse Reports for 104.207.50.204:

This IP address has been reported a total of 148 times from 23 distinct sources. 104.207.50.204 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-01 19:03:49 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.204 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.204 (GB/United Kingdom/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-15 12:28:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:27:49.611993 2026] [security2:error] [pid 15903:tid 15903] [client 104.207.50.204:16803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/dev/.git/config"] [unique_id "aZG7xRdFmme8okDiXNzDSgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-15 12:13:14 (3 months ago)	. Matched phrase "/.git/" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:50:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:50:39.408705 2026] [security2:error] [pid 22229:tid 22229] [client 104.207.50.204:24913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thugdoggsrecords.com"] [uri "/.env.production"] [unique_id "aZGzD3lvmRUqgr-_drVOUQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 11:37:07 (3 months ago)	Try to access /.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:16:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:16:48.869965 2026] [security2:error] [pid 12381:tid 12381] [client 104.207.50.204:64125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tanny.com"] [uri "/backup/.git/config"] [unique_id "aZGrIDCbs03KyisH1ERH5gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:19:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:19:48.562702 2026] [security2:error] [pid 8126:tid 8126] [client 104.207.50.204:47787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superlamb.com"] [uri "/frontend/.env"] [unique_id "aZFXdA5bapfmWqAFqnmsyAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:21:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:21:18.919008 2026] [security2:error] [pid 20174:tid 20174] [client 104.207.50.204:39033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "streetcarz.net"] [uri "/app/.env"] [unique_id "aZFJvpODCKjK_L4T4cJN_gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:42:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:42:31.976198 2026] [security2:error] [pid 19685:tid 19685] [client 104.207.50.204:51643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "step1nutrition.com"] [uri "/dev/.git/config"] [unique_id "aZFAp9RAO6_aUj5b1S8BzwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:06:07 (3 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:53:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:53:05.371204 2026] [security2:error] [pid 28850:tid 28850] [client 104.207.50.204:38557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nanchy.net"] [uri "/backend/.env"] [unique_id "aZE1EfhmBMIx2TsL2bz1cAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:29 (3 months ago)	104.207.50.204 - - [15/Feb/2026:03:31:29 +0100] "GET /backend/.env HTTP/1.1" 301 4229 "-" "Mozilla/5 ... show more 104.207.50.204 - - [15/Feb/2026:03:31:29 +0100] "GET /backend/.env HTTP/1.1" 301 4229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:31:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:30:59.649411 2026] [security2:error] [pid 24996:tid 24996] [client 104.207.50.204:24317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritofacorn.com"] [uri "/.env"] [unique_id "aZEv4--l0TV9P2Ps8GuqhQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:50:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:48:35.021234 2026] [security2:error] [pid 184123:tid 184244] [client 104.207.50.204:21829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soundstore.com"] [uri "/.env.production"] [unique_id "aZEl84Mh4IJV0omYQjPjngAAAkk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.192.18.137

🇫🇷 161.97.125.94

🇮🇷 109.122.240.108

🇭🇰 103.243.24.124

🇵🇱 54.38.52.18

🇳🇴 20.251.193.202

🇨🇳 222.176.201.28

🇨🇳 220.250.52.94

🇺🇸 165.154.206.124

🇵🇱 151.115.48.199

🇳🇱 93.123.72.183

🇱🇻 91.105.20.128

🇳🇱 81.19.216.117

🇮🇹 79.3.96.178

🇮🇳 20.219.91.90

🇮🇷 5.202.105.236

🇻🇳 2001:ee0:497e:63f0:2dbc:cdb6:7d7b:9823

🇳🇱 204.76.203.219

🇸🇬 194.164.107.5

🇮🇶 188.72.40.23