JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.28

104.207.50.28 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.28

Whois 104.207.50.28

IP Abuse Reports for 104.207.50.28:

This IP address has been reported a total of 152 times from 19 distinct sources. 104.207.50.28 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-05-25 22:39:49 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇪🇸 librebit	2026-05-23 03:47:44 (2 weeks ago)	Brute force	Brute-Force
🇩🇪 LRob.fr	2026-05-23 00:45:03 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-15 06:57:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:57:12.584751 2026] [security2:error] [pid 8745:tid 8745] [client 104.207.50.28:21923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orderthanksgivingcards.com"] [uri "/app/.git/config"] [unique_id "aZFuSKOSYVc1grfCUCTtDAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2026-02-15 06:53:36 (3 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.50.28 (GB/United Kingdom/-): N in the l ... show more (mod_security) mod_security (id:949110) triggered by 104.207.50.28 (GB/United Kingdom/-): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:39:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:39:54.298662 2026] [security2:error] [pid 1836:tid 1851] [client 104.207.50.28:19427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oplconnect.com"] [uri "/frontend/.env"] [unique_id "aZFqOvaxUwTOactKDP5JfwAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:12:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:12:53.249809 2026] [security2:error] [pid 22562:tid 22562] [client 104.207.50.28:31587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onevoicefoundationlb.org"] [uri "/api/.git/config"] [unique_id "aZFj5UTiiCMiTfN-BR0BCQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:53:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:53:16.950344 2026] [security2:error] [pid 873772:tid 873772] [client 104.207.50.28:55189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omahareact.org"] [uri "/api/.git/config"] [unique_id "aZFfTBMrloDFumGMsyj6FQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:45:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:45:00.578387 2026] [security2:error] [pid 11727:tid 11727] [client 104.207.50.28:61479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "santaclausphonecall.com"] [uri "/api/.git/config"] [unique_id "aZFPTHILc72l9wIT0cUMmQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:16:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:16:47.643411 2026] [security2:error] [pid 6378:tid 6378] [client 104.207.50.28:26455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ppichardocigars.com"] [uri "/.env.staging"] [unique_id "aZFIr4CYtYHpcfIl6uT9hQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-02-15 03:58:38 (3 months ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 OceanTreasure	2026-02-15 03:45:32 (3 months ago)	tcp/80; Git configuration exposure attempt: "GET /new/.git/config" @ 2026-02-15T03:37:16Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:10:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:10:44.324977 2026] [security2:error] [pid 20662:tid 20662] [client 104.207.50.28:62753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "njoyquilts.com"] [uri "/.env.production"] [unique_id "aZE5NAiMRYUmPAL_cm4gOQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:24:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:24:14.050034 2026] [security2:error] [pid 184123:tid 184254] [client 104.207.50.28:24723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "playgamesplay.com"] [uri "/.env.local"] [unique_id "aZEuToMh4IJV0omYQjMQZwAAAlA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:2000::42

🇺🇸 209.141.57.35

🇲🇽 187.190.179.127

🇮🇶 185.166.25.150

🇮🇳 182.70.243.207

🇵🇰 119.73.8.64

🇫🇷 84.6.37.132

🇷🇴 80.94.92.168

🇺🇦 176.103.7.115

🇻🇳 113.177.174.84

🇧🇩 103.154.158.70

🇺🇸 66.132.186.202

🇺🇸 48.216.244.43

🇰🇿 46.36.153.14

🇨🇳 222.245.54.61

🇨🇳 220.167.233.229

🇦🇷 179.40.112.10

🇰🇭 175.100.53.27

🇺🇸 156.232.13.218

🇭🇰 154.221.20.92