JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.50

104.207.49.50 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.50

Whois 104.207.49.50

IP Abuse Reports for 104.207.49.50:

This IP address has been reported a total of 128 times from 14 distinct sources. 104.207.49.50 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-23 07:34:12 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-11 07:04:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 02:04:32.429059 2025] [security2:error] [pid 9914:tid 9914] [client 104.207.49.50:42433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hal.dance"] [uri "/.git/HEAD"] [unique_id "aTptACdK1nuM1O82WwejugAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 11:56:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 06:55:56.134153 2025] [security2:error] [pid 25162:tid 25162] [client 104.207.49.50:12249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roguetechtalks.com"] [uri "/.git/HEAD"] [unique_id "aTa8zKXxRh_XeUhePxzopAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:00:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:00:21.596117 2025] [security2:error] [pid 9614:tid 9614] [client 104.207.49.50:39333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shay.org"] [uri "/.svn/wc.db"] [unique_id "aTWWhQCxRqjr0qzDR08OCwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:58:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:58:49.046144 2025] [security2:error] [pid 10084:tid 10084] [client 104.207.49.50:47795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lodge84.org"] [uri "/.git/HEAD"] [unique_id "aTWIGU0vNKswWzO8E03W4wAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:01:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:01:14.601712 2025] [security2:error] [pid 9899:tid 9899] [client 104.207.49.50:36951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superzilla.com"] [uri "/.env"] [unique_id "aTKRStmOHv0PHjVS7noixAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-01 19:14:14 (7 months ago)	[redacted] 104.207.49.50 - - [01/Nov/2025:20:14:02 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "M ... show more [redacted] 104.207.49.50 - - [01/Nov/2025:20:14:02 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36" [redacted] 104.207.49.50 - - [01/Nov/2025:20:14:03 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 7.0; Moto G (5) Build/NPPS25.137-93-14) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36" [redacted] 104.207.49.50 - - [01/Nov/2025:20:14:04 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0" [redacted] 104.207.49.50 - - [01/Nov/2025:20:14:06 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; U; Android 4.3; de-de; GT-I9300 Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30" joerg-shimon-schul ... show less	Hacking Web App Attack
Anonymous	2025-10-30 14:24:02 (7 months ago)	WordPress Brute Force	Brute-Force
🇺🇸 anon333	2025-10-26 19:33:08 (7 months ago)	Hacker syslog review 1761507187	Hacking
🇩🇪 cloudmax	2025-10-25 19:04:10 (7 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
Anonymous	2025-10-11 07:41:32 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 15:20:54 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2025-10-10 13:10:27 (7 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-10-09 21:24:19 (7 months ago)	Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.09 is noted in report t ... show more Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 18:30:41 (7 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.08 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇴 179.61.30.12

🇰🇷 128.134.83.141

🇨🇦 67.71.55.209

🇺🇸 52.176.211.73

🇳🇱 45.148.10.152

🇧🇪 34.79.70.210

🇬🇧 185.195.13.17

🇨🇦 104.158.48.89

🇩🇪 46.249.99.46

🇦🇷 45.70.88.252

🇩🇪 31.70.86.236

🇯🇵 8.209.201.85

🇩🇪 2400:cb00:930:1000:e05b:8c1b:7fb8:630b

🇺🇸 216.25.89.83

🇲🇽 201.149.53.243

🇷🇴 92.118.39.236

🇧🇷 45.205.1.242

🇲🇽 45.189.151.169

🇩🇪 213.209.159.231

🇰🇷 211.247.100.216