JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.52

104.207.50.52 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.52

Whois 104.207.50.52

IP Abuse Reports for 104.207.50.52:

This IP address has been reported a total of 131 times from 15 distinct sources. 104.207.50.52 was first reported on June 6th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 spamverify.com	2026-06-03 15:19:09 (4 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 13:46:03 (2 weeks ago)	Wordfence waf block on parsol	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:30:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:30:26.474982 2026] [security2:error] [pid 461426:tid 461426] [client 104.207.50.52:51233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthuregau.com"] [uri "/api/.git/config"] [unique_id "aY1XYsvOoxxY3EQtS3TaDwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:56:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:56:05.877251 2026] [security2:error] [pid 14523:tid 14523] [client 104.207.50.52:30279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antiterrorismbooks.net"] [uri "/admin/.git/config"] [unique_id "aYtVFaHrO14IprozkAl20AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:14:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:14:11.110965 2026] [security2:error] [pid 1163111:tid 1163118] [client 104.207.50.52:48297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iacsb.com"] [uri "/wp/.git/config"] [unique_id "aYqig4IkUjRLVk9bu6EijgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:16:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:16:23.999074 2026] [security2:error] [pid 30146:tid 30146] [client 104.207.50.52:19567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killeramps.com"] [uri "/.env.local"] [unique_id "aYqU9-yVJlqpyhl6-EC7ZwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:25:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:25:26.910734 2026] [security2:error] [pid 22158:tid 22158] [client 104.207.50.52:51937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khaoula.com"] [uri "/api/.env"] [unique_id "aYqJBtgeA8QC3penyZbFyQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 00:35:53 (3 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-10 00:21:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:20:56.217937 2026] [security2:error] [pid 2145411:tid 2145411] [client 104.207.50.52:53795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerrywood.com"] [uri "/dev/.git/config"] [unique_id "aYp56Np1Wajk1Jr9y6JH4QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:15:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:15:34.717306 2026] [security2:error] [pid 16012:tid 16012] [client 104.207.50.52:18505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotjive.com"] [uri "/frontend/.env"] [unique_id "aYpchraLEhqr_OOvy_H5nQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2025-11-30 04:34:00 (6 months ago)		Web App Attack
Anonymous	2025-04-07 06:23:24 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 21:41:38 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 22:20:21 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 23:05:43 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 217.14.62.17

🇩🇪 213.209.159.238

🇺🇸 209.85.222.182

🇺🇸 198.2.184.69

🇬🇧 178.253.31.121

🇺🇸 172.191.178.243

🇩🇪 46.249.99.46

🇷🇺 195.242.83.27

🇺🇸 185.180.141.49

🇹🇭 184.22.144.144

🇮🇩 182.2.190.67

🇺🇸 165.22.176.30

🇩🇪 141.11.187.21

🇨🇳 117.81.212.152

🇵🇰 111.68.98.152

🇻🇳 103.138.113.149

🇱🇹 81.30.98.144

🇹🇼 36.224.251.223

🇸🇪 5.34.247.210

🇷🇺 217.14.62.196