JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.36

104.207.50.36 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 43%: ?

43%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.36

Whois 104.207.50.36

IP Abuse Reports for 104.207.50.36:

This IP address has been reported a total of 146 times from 29 distinct sources. 104.207.50.36 was first reported on June 4th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-02 01:23:03 (6 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-05-31 13:00:45 (1 week ago)	wordpress authentication brute force	Brute-Force Web App Attack
Anonymous	2026-05-31 10:33:04 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; s ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=site_wide=true \| distinct_ips=14 \| /wp-login.php show less	Hacking Web App Attack
🇲🇹 Malta	2026-05-31 06:19:45 (1 week ago)	104.207.50.36 - - [31/May/2026:08:19:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 104.207.50.36 - - [31/May/2026:08:19:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 lostswordfish.com	2026-05-28 07:00:06 (1 week ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇫🇷 pm33	2026-05-25 23:05:29 (1 week ago)	Wordpress login attempts	Brute-Force
🇲🇽 octageeks.com	2026-05-24 04:07:01 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 LRob.fr	2026-05-22 20:30:05 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-15 22:59:59 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-15	Hacking Web App Attack SSH
Anonymous	2026-02-15 13:05:15 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:20 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇴 tmiland	2026-02-15 12:39:28 (3 months ago)	(nginx_404) Dot directory Honeypot Trap 104.207.50.36 (GB/United Kingdom/-): 2 in the last 3600 secs	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-15 12:10:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:09:56.270760 2026] [security2:error] [pid 22642:tid 22642] [client 104.207.50.36:23795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tedmccachren.com"] [uri "/api/.env"] [unique_id "aZG3lNy31jXT59l9I424HAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:52:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:52:02.033621 2026] [security2:error] [pid 1410:tid 1410] [client 104.207.50.36:32513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thumbmotorsales.com"] [uri "/v2/.git/config"] [unique_id "aZGzYs43TpI_SgeqooZcWQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-15 11:41:24 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 2402:800:6116:a835:49a3:e82c:3b6c:5c18

🇷🇴 193.32.162.82

🇱🇹 185.169.4.30

🇻🇳 171.231.197.35

🇨🇳 111.53.166.163

🇺🇸 104.164.178.199

🇨🇳 43.248.108.63

🇰🇷 220.118.173.234

🇸🇬 217.15.164.228

🇩🇪 213.209.159.236

🇳🇱 204.76.203.15

🇩🇪 178.104.164.71

🇵🇰 175.107.228.73

🇨🇳 122.226.38.134

🇺🇸 103.143.11.150

🇳🇱 93.123.72.166

🇦🇹 91.141.57.255

🇩🇪 84.159.116.226

🇨🇦 2001:1810:1041:200:0:4:d1eb:888a

🇲🇽 189.146.62.55