JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.132

104.207.50.132 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.132

Whois 104.207.50.132

IP Abuse Reports for 104.207.50.132:

This IP address has been reported a total of 132 times from 20 distinct sources. 104.207.50.132 was first reported on June 11th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-22 04:14:00 (3 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 F242	2026-06-21 07:46:16 (4 days ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 lostswordfish.com	2026-06-19 07:10:05 (6 days ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-16 18:45:02 (1 week ago)	WP Exploit attempt. Evidence: beanietools.dev:443 104.207.50.132 - - [16/Jun/2026:19:44:58 +0100] PO ... show more WP Exploit attempt. Evidence: beanietools.dev:443 104.207.50.132 - - [16/Jun/2026:19:44:58 +0100] POST /wp-login.php HTTP/1.1 200 6728 https://beanietools.dev/wp-login.php Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 show less	Web App Attack
Anonymous	2026-05-20 20:06:05 (1 month ago)	Trying to access config files	Web App Attack
🇯🇵 pixelboost.kr	2026-05-20 08:23:00 (1 month ago)	104.207.50.132 - - [20/May/2026:17:22:58 +0900] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 ( ... show more 104.207.50.132 - - [20/May/2026:17:22:58 +0900] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-04 04:19:51 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 00:19:43.708558 2026] [security2:error] [pid 25945:tid 25945] [client 104.207.50.132:21541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "utah17.com"] [uri "/.env"] [unique_id "afgeX1U6Ssx2YKBpSHx8qQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 oncord	2026-03-11 21:06:50 (3 months ago)	Form spam	Web Spam
Anonymous	2026-03-08 20:44:10 (3 months ago)	FREKISCOM WEBFORM SPAM 104.207.50.132 (104.207.50.132)	Web Spam
🇮🇹 main.ows	2026-03-05 20:06:26 (3 months ago)	[05/Mar/2026:21:06:25.095426 +0100] aaniQOOybglOVUi0jeNyEQAAAAo 104.207.50.132 57612 217.61.13.167 7 ... show more [05/Mar/2026:21:06:25.095426 +0100] aaniQOOybglOVUi0jeNyEQAAAAo 104.207.50.132 57612 217.61.13.167 7081 ... show less	Bad Web Bot Web App Attack
Anonymous	2026-01-20 05:32:07 (5 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇧🇪 madeit	2025-11-30 04:29:58 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:05:27 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:05:19.095606 2025] [security2:error] [pid 830332:tid 830332] [client 104.207.50.132:46841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sarahwhitecotton.com"] [uri "/.svn/wc.db"] [unique_id "aSU5DyEfwV9m0wVmx_enOwAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:25:21 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:25:13.962186 2025] [security2:error] [pid 4652:tid 4652] [client 104.207.50.132:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.psychoclast.com"] [uri "/.svn/wc.db"] [unique_id "aST3aawrHCEAOV1hvUG04gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 185.227.153.56

🇮🇩 160.187.174.22

🇺🇸 132.148.72.88

🇫🇷 54.37.118.88

🇺🇸 216.24.212.27

🇮🇳 192.178.119.18

🇳🇱 192.42.116.94

🇧🇬 185.253.160.24

🇺🇸 89.187.177.49

🇱🇻 81.30.98.62

🇺🇸 54.156.248.117

🇸🇬 47.236.66.123

🇸🇨 45.194.67.146

🇺🇸 184.174.24.202

🇺🇸 172.191.239.155

🇩🇪 164.90.236.107

🇺🇸 162.216.150.104

🇨🇳 116.179.37.133

🇹🇼 110.25.114.8

🇸🇬 101.47.158.56