JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.50.79

104.207.50.79 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.50.79

Whois 104.207.50.79

IP Abuse Reports for 104.207.50.79:

This IP address has been reported a total of 148 times from 19 distinct sources. 104.207.50.79 was first reported on June 18th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-21 10:42:56 (2 days ago)	(y4) Failed scan -byebye- from 104.207.50.79 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-19 20:30:10 (3 days ago)	104.207.50.79 - - [19/Jun/2026:22:30:10 +0200] "POST / HTTP/1.1" 301 169 "https:///" "Mozilla/5.0 (M ... show more 104.207.50.79 - - [19/Jun/2026:22:30:10 +0200] "POST / HTTP/1.1" 301 169 "https:///" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 lostswordfish.com	2026-06-19 07:10:05 (4 days ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇩🇪 iNetWorker	2026-06-18 14:14:16 (5 days ago)	trolling for resource vulnerabilities	Web App Attack
🇦🇺 oncord	2026-02-22 06:05:50 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-18 01:28:02 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-15 02:33:41 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-13 13:26:01 (4 months ago)	Form spam	Web Spam
🇵🇱 sefinek.net	2026-02-10 20:29:27 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 oncord	2026-02-10 08:21:06 (4 months ago)	Form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:52 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇱🇻 garmtech.com	2025-12-05 06:22:47 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-22.104.207.50.79.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-22.104.207.50.79.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 19:40:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 14:40:11.263245 2025] [security2:error] [pid 5927:tid 5927] [client 104.207.50.79:58187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.weyoungrenovations.com"] [uri "/.svn/wc.db"] [unique_id "aSdXmwLDS44PMHUgPFYeLQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:30.952479 2025] [security2:error] [pid 8303:tid 8303] [client 104.207.50.79:18003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.photonmatrix.com"] [uri "/.git/HEAD"] [unique_id "aSVMjkYj-Xztj-qFYojSeAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:11:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.50.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:11:27.701431 2025] [security2:error] [pid 13623:tid 13623] [client 104.207.50.79:60317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.patanthony.com"] [uri "/.git/HEAD"] [unique_id "aSVIj6wiMiPdzapWTKdSVQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 158.69.117.34

🇺🇿 144.124.192.18

🇨🇦 85.217.149.58

🇺🇸 52.21.227.35

🇫🇷 194.59.31.115

🇮🇩 157.10.160.103

🇪🇸 46.6.124.216

🇯🇵 43.133.194.186

🇷🇺 217.149.191.246

🇮🇳 122.168.194.41

🇹🇼 111.250.55.184

🇺🇸 50.46.141.125

🇨🇳 36.108.175.251

🇮🇩 36.66.16.233

🇩🇪 213.209.159.175

🇻🇳 123.58.198.35

🇨🇳 111.26.69.160

🇺🇸 107.167.34.125

🇧🇷 104.28.152.99

🇻🇳 103.101.162.56