JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.49

104.207.50.49 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.49

Whois 104.207.50.49

IP Abuse Reports for 104.207.50.49:

This IP address has been reported a total of 146 times from 16 distinct sources. 104.207.50.49 was first reported on June 6th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-30 05:21:28 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.49 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.49 (GB/United Kingdom/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇪🇸 librebit	2026-03-29 02:00:39 (2 months ago)	Brute force	Brute-Force
🇫🇷 masterguru	2026-03-26 13:06:49 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.49 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.49 (GB/United Kingdom/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:41 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 08:40:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:40:01.003019 2025] [security2:error] [pid 29198:tid 29198] [client 104.207.50.49:35011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backyardbrickoven.com"] [uri "/.env"] [unique_id "aVI-YddCopNYbWxSsWW7_QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:49:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:49:52.537889 2025] [security2:error] [pid 22428:tid 22428] [client 104.207.50.49:39377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bvi-boat-registration.com"] [uri "/.git/HEAD"] [unique_id "aVIkkPwkUKgMKhCckk6C5gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:20:55 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:20:51.601018 2025] [security2:error] [pid 23671:tid 23671] [client 104.207.50.49:42909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nolenelam.com"] [uri "/.env"] [unique_id "aVIdwyyGcCWgCslBahgIHwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:14:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:13:59.743831 2025] [security2:error] [pid 11537:tid 11561] [client 104.207.50.49:9115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stanfordprofs.com"] [uri "/.git/HEAD"] [unique_id "aVIOFw3ECO-hzvoa_YilQQAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:16:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:07.871869 2025] [security2:error] [pid 18159:tid 18172] [client 104.207.50.49:40811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clearwaterpumpservices.com"] [uri "/.env"] [unique_id "aVIAhxHoP6MwOldmBmFDvwAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-12-28 09:24:22 (5 months ago)	Form spam	Web Spam
Anonymous	2025-10-26 03:49:08 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-23 23:05:32 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-22 16:10:18 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-22 01:42:02 (7 months ago)	wordpress-trap	Web App Attack
🇬🇧 openstrike.co.uk	2025-10-20 08:03:09 (7 months ago)	12 packets to port 22	Brute-Force SSH

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c03::12b

🇺🇦 185.190.149.225

🇻🇳 103.186.101.237

🇺🇸 74.125.80.23

🇺🇸 52.188.189.6

🇺🇸 44.204.64.190

🇪🇸 5.61.202.77

🇺🇸 3.82.52.177

🇺🇸 216.172.190.116

🇺🇸 216.25.89.101

🇬🇧 198.244.242.252

🇬🇧 198.244.242.203

🇬🇧 185.247.137.203

🇩🇪 139.162.146.13

🇧🇩 103.171.68.74

🇸🇬 103.13.207.26

🇷🇺 95.165.27.83

🇺🇸 74.7.227.50

🇨🇳 59.175.155.252

🇨🇳 58.47.137.190