JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.220

104.207.50.220 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.220

Whois 104.207.50.220

IP Abuse Reports for 104.207.50.220:

This IP address has been reported a total of 128 times from 17 distinct sources. 104.207.50.220 was first reported on June 11th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 06:30:47 (4 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 09:32:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 04:32:28.907498 2026] [security2:error] [pid 1035:tid 1035] [client 104.207.50.220:36137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.costumeshalloweenparty.com"] [uri "/.env"] [unique_id "aWtXLD5BlOwVYnhMD4NHnwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-02 04:39:11 (5 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇵🇱 sefinek.net	2026-01-01 11:00:42 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:49:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:49:35.188719 2025] [security2:error] [pid 17954:tid 17954] [client 104.207.50.220:30709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dividivipartners.com"] [uri "/.env"] [unique_id "aSZqv_Ywlx6KUSbb03e76gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 23:35:04 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:34:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:34:11.524387 2025] [security2:error] [pid 10618:tid 10683] [client 104.207.50.220:50795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.missalastages.com"] [uri "/.git/HEAD"] [unique_id "aSVN47ZN1sv0sYtnp34t5wAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:05:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:04:58.012580 2025] [security2:error] [pid 4153:tid 4153] [client 104.207.50.220:9765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hawaiivacations.com"] [uri "/.env"] [unique_id "aSQfuim_tEsxMATzzh-W7AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:55:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:55:25.053662 2025] [security2:error] [pid 21242:tid 21242] [client 104.207.50.220:12727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.laecovillage.org"] [uri "/.git/HEAD"] [unique_id "aSPlPWxxKw1KAzSmfS8-oAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 oncord	2025-11-10 12:57:26 (7 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-03 00:50:04 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 02 19:50:00.276416 2025] [security2:error] [pid 11261:tid 11261] [client 104.207.50.220:16341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thecommonsenseeconomist.org"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aQf8OBkPoK8_h9DdXTMpsQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-10-27 11:19:16 (7 months ago)	Form spam	Web Spam

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.185.122.174

🇺🇸 205.185.121.3

🇰🇷 43.164.132.164

🇬🇧 35.203.211.188

🇺🇸 206.189.205.85

🇺🇸 205.185.120.156

🇺🇸 205.185.120.21

🇺🇸 104.194.10.248

🇷🇴 92.118.39.62

🇷🇴 80.94.92.130

🇭🇰 65.181.88.245

🇫🇮 65.108.87.151

🇺🇸 34.153.21.16

🇺🇸 205.185.119.54

🇺🇸 205.185.116.245

🇺🇸 205.185.116.237

🇩🇪 193.124.20.245

🇩🇪 185.168.31.66

🇺🇸 94.158.247.101

🇺🇸 45.42.88.54