JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.88

104.207.50.88 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.88

Whois 104.207.50.88

IP Abuse Reports for 104.207.50.88:

This IP address has been reported a total of 130 times from 23 distinct sources. 104.207.50.88 was first reported on June 11th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 04:51:25 (4 days ago)	Web App Attack	Web App Attack
🇩🇪 todix	2026-06-15 00:53:49 (1 week ago)	Web App Attack Exploid from 104.207.50.88	Web App Attack
🇩🇪 Reinhard	2026-06-02 23:09:16 (3 weeks ago)	Parameter or path manipulation, hacking. /backup.tar.gz	Hacking
🇩🇪 evilrave	2026-05-17 01:11:46 (1 month ago)	104.207.50.88 - - [17/May/2026:01:11:46 +0000] "GET http://[REDACTED_IP]/wp-json/gravitysmtp/v1/test ... show more 104.207.50.88 - - [17/May/2026:01:11:46 +0000] "GET http://[REDACTED_IP]/wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 444 0 Host="[REDACTED_IP]" SNI="-" ... show less	Bad Web Bot
🇫🇷 pm33	2026-04-28 20:24:30 (1 month ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇨🇭 backslash	2026-01-24 18:20:14 (4 months ago)	block ruleset 486D2EE5E731CC049D1E480D68D04DFFE28AADF1	Bad Web Bot
🇮🇹 VHosting	2026-01-20 13:20:05 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-01-03 13:32:17 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 03:02:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:02:04.901457 2025] [security2:error] [pid 17610:tid 17610] [client 104.207.50.88:47189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gellertdealers.totalstorage.solutions"] [uri "/.env"] [unique_id "aSUcLB8ylXVfVY1o7bvnIgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:26:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:26:13.114930 2025] [security2:error] [pid 1647141:tid 1647222] [client 104.207.50.88:45271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lavonnesells.com"] [uri "/.git/HEAD"] [unique_id "aSUFtdffCdpZ5cNrCNdQzAAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:46:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:44:18.137769 2025] [security2:error] [pid 32575:tid 32575] [client 104.207.50.88:39805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.partyblockinvitations.com"] [uri "/.env"] [unique_id "aSPwsumILZjIvXknH0cCLgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:14:49 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:14:39.428947 2025] [security2:error] [pid 21351:tid 21351] [client 104.207.50.88:59215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fiyaplatform.com"] [uri "/.svn/wc.db"] [unique_id "aSPbr7wNJhf_-vr-ErMwywAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-20 18:32:05 (7 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-17 06:18:44 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.50.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 01:18:40.691792 2025] [security2:error] [pid 26794:tid 26806] [client 104.207.50.88:20699] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.jojocreative.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jojocreative.com"] [uri "/s3cmd.ini"] [unique_id "aRq-QNjU7mQp-bm4ax5VbwAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2025-11-09 20:09:50 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 50.217.40.11

🇨🇳 39.185.209.73

🇺🇸 184.105.139.84

🇯🇵 172.233.77.208

🇳🇱 93.123.109.52

🇳🇱 91.92.40.12

🇧🇬 78.128.114.66

🇩🇪 45.130.203.151

🇧🇪 35.187.23.170

🇬🇧 2a06:4880:8000::a4

🇨🇳 218.78.46.81

🇨🇳 202.46.62.92

🇧🇷 170.238.128.220

🇹🇼 165.154.227.158

🇫🇷 91.172.216.233

🇫🇮 62.60.152.192

🇧🇷 45.205.1.241

🇩🇪 45.130.203.163

🇰🇪 41.191.229.226

🇧🇷 20.206.88.217