JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.224

104.207.50.224 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.224

Whois 104.207.50.224

IP Abuse Reports for 104.207.50.224:

This IP address has been reported a total of 139 times from 12 distinct sources. 104.207.50.224 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-13 10:23:09 (1 month ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-11 20:53:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:53:40.705396 2026] [security2:error] [pid 13387:tid 13387] [client 104.207.50.224:48889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardeeapps.com"] [uri "/admin/.env"] [unique_id "aYzsVEWvamLuL7jOS6H52AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 19:54:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 14:54:30.346387 2026] [security2:error] [pid 9458:tid 9458] [client 104.207.50.224:31097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "architech.com"] [uri "/.env.production"] [unique_id "aYzedhWH4dUp2DWEzlIVRQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 000rosiu	2026-02-11 17:07:03 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /app/.git/config Timestamp: 2026-02-11T17:03:15Z Ray ID: 9cc56b2b49fedc94 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-10 15:54:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:54:37.827866 2026] [security2:error] [pid 12476:tid 12476] [client 104.207.50.224:25451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antiterrorismbooks.net"] [uri "/.env"] [unique_id "aYtUveifqN6NYFkymnFa3AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:28:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:28:00.982676 2026] [security2:error] [pid 6712:tid 6712] [client 104.207.50.224:24263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iktonline.org"] [uri "/dev/.git/config"] [unique_id "aYrP8NN-UQOv9AL7WtZxhgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:50:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:49:54.876406 2026] [security2:error] [pid 1504849:tid 1504849] [client 104.207.50.224:45523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kithouse.org"] [uri "/.env.local"] [unique_id "aYqq4tjsTznH_ejM5xzT0AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:03:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:03:27.848441 2026] [security2:error] [pid 11569:tid 11569] [client 104.207.50.224:10659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howwegothere.info"] [uri "/v2/.git/config"] [unique_id "aYpnv-GoA85xSHt3Pt62JwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:19:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:19:26.919869 2026] [security2:error] [pid 32566:tid 32566] [client 104.207.50.224:39319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horseillustration.com"] [uri "/.env"] [unique_id "aYpPXpeO48oTgA94DgS8kAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 19:13:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 14:13:20.181088 2025] [security2:error] [pid 19160:tid 19160] [client 104.207.50.224:14357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acmedistributingllc.com"] [uri "/.env"] [unique_id "aTcjUGvJG6VF3POMai6cFwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 06:55:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 01:55:43.579889 2025] [security2:error] [pid 27751:tid 27751] [client 104.207.50.224:40711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mainescentsecrets.com"] [uri "/.git/HEAD"] [unique_id "aTZ2b7JaHKRJDqXkPlj2XQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:02:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:02:11.250739 2025] [security2:error] [pid 26854:tid 26854] [client 104.207.50.224:11471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sigrc.org"] [uri "/.svn/wc.db"] [unique_id "aTWW83zuepnOvt5nliuxYQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:38:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:38:19.309476 2025] [security2:error] [pid 17341:tid 17341] [client 104.207.50.224:34073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumeriatc.org"] [uri "/.env"] [unique_id "aTWRWzJVjyLR-fdBgkTpFAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:38:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:38:19.062234 2025] [security2:error] [pid 4400:tid 4403] [client 104.207.50.224:42837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brucejoell.com"] [uri "/.svn/wc.db"] [unique_id "aTLuW_ZZra6JoAZ8eRlfLAAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 218.190.8.165

🇺🇸 216.25.89.103

🇺🇸 192.249.54.52

🇮🇱 82.80.249.221

🇺🇸 74.99.175.186

🇰🇷 43.131.253.14

🇨🇦 34.95.45.195

🇺🇸 34.56.183.166

🇰🇷 1.247.245.61

🇳🇱 176.65.139.66

🇮🇳 175.101.131.169

🇺🇸 91.230.168.127

🇺🇿 87.192.224.110

🇳🇱 86.54.31.38

🇺🇸 34.144.181.106

🇬🇧 2620:171:fa:f0::10

🇺🇸 209.6.228.121

🇨🇴 201.184.50.251

🇨🇴 179.1.181.196

🇦🇺 172.253.218.157