JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.205

104.207.50.205 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.205

Whois 104.207.50.205

IP Abuse Reports for 104.207.50.205:

This IP address has been reported a total of 146 times from 28 distinct sources. 104.207.50.205 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-23 01:25:43 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-22 11:31:52 (2 weeks ago)	Honeypot detection: Privilege escalation / elevation attempt on port 8080. Severity: CRITICAL. Aaran ... show more Honeypot detection: Privilege escalation / elevation attempt on port 8080. Severity: CRITICAL. Aaran.cloud show less	Hacking
🇨🇳 ThreatBook.io	2026-04-19 23:20:23 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.50.205 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.50.205 2026-04-19 14:19:24 /docs/appdev/sample/web/WEB-INF/web.xml show less	Web App Attack
🇫🇷 masterguru	2026-04-04 07:25:13 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.205 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.50.205 (GB/United Kingdom/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇪🇸 librebit	2026-03-29 02:01:08 (2 months ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-03-23 19:03:29 (2 months ago)	IM360 WAF: RBL block risky actions MV:RBL lookup of 21-03.104.207.50.205.risky-actions.v2.rbl.imunif ... show more IM360 WAF: RBL block risky actions MV:RBL lookup of 21-03.104.207.50.205.risky-actions.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-03-13 00:00:32 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:39:19 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-01-24 23:35:53 (4 months ago)	ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.50.2 ... show more ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.50.205 2026-01-24 16:45:00 /api/swagger.json 2026-01-24 16:44:59 /swagger/docs/v1 2026-01-24 16:44:56 /nacos/v1/auth/users?pageNo=1&pageSize=10 2026-01-24 16:45:01 /v3/api-docs 2026-01-24 16:44:59 /swagger/v1/swagger.json 2026-01-24 16:44:58 /v2/api-docs 2026-01-24 16:44:58 /prod-api/v2/api-docs show less	Web App Attack
🇫🇷 mrcrassi	2026-01-22 22:37:27 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇳 ThreatBook.io	2025-12-14 23:15:23 (5 months ago)	ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.50.2 ... show more ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.50.205 2025-12-14 15:07:45 / 2025-12-14 15:07:46 /?method:%23_memberAccess%[email protected]@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse%28%29,%23res.setCharacterEncoding%28%23parameters.encoding[0]%29,%23w%3d%23res.getWriter%28%29,%23s%3dnew+java.util.Scanner%[email protected]@getRuntime%28%29.exec%28%23parameters.cmd[0]%29.getInputStream%28%29%29.useDelimiter%28%23parameters.pp[0]%29,%23str%3d%23s.hasNext%28%29%3f%23s.next%28%29%3a%23parameters.ppp[0],%23w.print%28%23str%29,%23w.close%28%29,1?%23xx:%23request.toString&cmd=netstat%20-an&pp=\A&ppp=%20&encoding=UTF-8 show less	Web App Attack
🇮🇳 Mcshield.org	2025-12-01 06:19:01 (6 months ago)	Possible port scan detected from 104.207.50.205 (masscan/nmap signature)	Email Spam Port Scan
🇫🇷 applemooz	2025-11-01 12:29:26 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-30 13:57:05 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 18:50:22 (7 months ago)		Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.214.155.235

🇺🇸 172.214.45.197

🇮🇳 139.59.30.229

🇩🇪 91.92.240.42

🇳🇱 45.156.87.204

🇰🇷 220.119.37.141

🇺🇸 204.10.160.252

🇷🇺 88.205.172.170

🇱🇹 81.30.98.49

🇫🇮 46.253.131.113

🇱🇹 45.227.254.170

🇳🇱 45.148.10.151

🇩🇪 167.94.145.28

🇺🇸 142.93.248.204

🇨🇳 117.50.73.90

🇺🇸 35.94.215.72

🇺🇸 3.134.93.250

🇮🇳 117.192.237.61

🇺🇿 95.46.211.142

🇺🇸 91.193.232.248