JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.236

104.207.50.236 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.236

Whois 104.207.50.236

IP Abuse Reports for 104.207.50.236:

This IP address has been reported a total of 129 times from 20 distinct sources. 104.207.50.236 was first reported on June 4th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-11 03:00:09 (2 days ago)	Brute force	Brute-Force
🇫🇷 ELYAZ	2026-06-10 12:51:40 (3 days ago)	(y4) Failed scan -byebye- from 104.207.50.236 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇬🇧 spamverify.com	2026-06-10 02:14:43 (3 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇱🇹 NotACaptcha	2026-04-30 08:25:01 (1 month ago)	webserver:443 [30/Apr/2026] "GET /.aws/credentials HTTP/1.1" 302 4276 "-" "Mozilla/5.0 (iPhone; CPU ... show more webserver:443 [30/Apr/2026] "GET /.aws/credentials HTTP/1.1" 302 4276 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/75.0.3770.103 Mobile/15E148 Safari/605.1" show less	Web App Attack
🇫🇷 masterguru	2026-04-28 04:44:57 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.50.236 (GB/United Kingdom/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.50.236 (GB/United Kingdom/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 Mundo Bueno	2026-04-27 03:35:19 (1 month ago)	[ISILIA Protection v2.1] Tentative d'accès: /.aws/credentials \| Pays: DE \| UA: Mozilla/5.0 (Windows ... show more [ISILIA Protection v2.1] Tentative d'accès: /.aws/credentials \| Pays: DE \| UA: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3786.0 S show less	Hacking Web App Attack
🇦🇺 MAGIC	2026-04-26 00:04:44 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇵🇱 sefinek.net	2026-03-29 03:46:16 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-06 06:49:06 (3 months ago)	(mod_security) mod_security (id:211190) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 01:48:49.094117 2026] [security2:error] [pid 23048:tid 23048] [client 104.207.50.236:63685] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|livinghomegrown.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?file=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livinghomegrown.com"] [uri "/index.php"] [unique_id "aap40fhmJKAH0U-VFhP8JwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-03-05 16:09:18 (3 months ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 08:26:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:26:21.240783 2026] [security2:error] [pid 5951:tid 5986] [client 104.207.50.236:54073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/be/60bbbf2f180e97c18bb2c7d681a0f8f61e03c4"] [unique_id "aak-LTIRgu8fHCKeraftyQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 00:48:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 19:48:30.117580 2026] [security2:error] [pid 11884:tid 11895] [client 104.207.50.236:32791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nothingwithoutwater.com"] [uri "/.env"] [unique_id "aaeBXhdUmbZCMOUPirT8_wAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-03-02 22:59:55 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-01-07 13:25:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 08:25:32.735825 2026] [security2:error] [pid 32451:tid 32451] [client 104.207.50.236:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caspina.com"] [uri "/.svn/wc.db"] [unique_id "aV5ezGLSUhHF54SW9YPfuwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.222.46.15

🇫🇮 204.168.240.142

🇭🇰 199.45.154.121

🇨🇳 117.50.118.246

🇻🇳 103.75.180.250

🇺🇸 3.18.213.73

🇵🇭 222.127.53.189

🇬🇷 169.150.252.75

🇩🇪 167.94.146.59

🇫🇷 158.173.157.54

🇰🇿 145.255.162.136

🇻🇳 110.172.28.207

🇺🇸 91.230.168.214

🇷🇺 80.247.110.206

🇺🇸 66.132.172.120

🇺🇸 35.199.159.155

🇺🇸 20.65.193.28

🇵🇹 2.81.194.83

🇰🇷 218.148.106.182

🇲🇽 187.191.48.23