JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.38.100.50

209.38.100.50 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.38.100.50

Whois 209.38.100.50

IP Abuse Reports for 209.38.100.50:

This IP address has been reported a total of 138 times from 73 distinct sources. 209.38.100.50 was first reported on May 27th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-02-11 13:09:32 (4 months ago)	Unauthorized web scan.	Web App Attack
Anonymous	2026-02-06 07:53:00 (4 months ago)	GET /+CSCOE+/logon.html	Hacking Brute-Force Web App Attack
🇫🇷 carpes0708	2026-02-06 02:47:19 (4 months ago)		Port Scan Web App Attack
🇬🇧 kiwi.network	2026-02-05 21:56:41 (4 months ago)	Web application fingerprinting: 209.38.100.50 - - [05/Feb/2026:23:56:39 0200] "GET / CSCOL /Java.ja ... show more Web application fingerprinting: 209.38.100.50 - - [05/Feb/2026:23:56:39 0200] "GET / CSCOL /Java.jar HTTP/1.1" 404 1834 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "targethostIP" "443" 209.38.100.50 - - [05/Feb/2026:23:56:39 0200] "GET / CSCOE /logon_forms.js HTTP/1.1" 404 1834 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "targethostIP" "443" 209.38.100.50 - - [05/Feb/2026:23:56:40 0200] "GET / CSCOL /a1.jar HTTP/1.1" 404 1834 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "targethostIP" "443" 209.38.100.50 - - [05/Feb/2026:23:56:40 0200] "GET / CSCOE /transfer.js HTTP/1.1" 404 1834 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "targethostIP" "443" show less	Hacking Exploited Host Web App Attack
🇺🇸 ne1for23	2026-02-05 21:55:51 (4 months ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 209.38.100.50 - - [05/Feb/2026:21:55:51 +0000] "GET /+CSCOL+/Java.jar HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "-" show less	Hacking
🇳🇱 Jordy	2026-02-05 21:28:00 (4 months ago)	05/Feb/2026:22:27:59.647583 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 05/Feb/2026:22:27:59.647583 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 209.38.100.50] ModSecurity: Warning. Pattern match "^[\\\\\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] [msg "Host header is a numeric IP address"] [data "141.224.196.208"] [severity "WARNING"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "141.224.196.208"] [uri "/+CSCOL+/Java.jar"] [unique_id "aYULX5rUhtVvnquGS46xXgAAABA"] 05/Feb/2026:22:28:00.242248 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 209.38.100.50] ModSecurity: Warning. Pattern match "^[\\\\\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] ... show less	Web App Attack
🇺🇸 ersei.net	2026-02-05 20:11:15 (4 months ago)	Brute force multiple 403s	Brute-Force
🇵🇱 dzpk	2026-02-05 20:01:34 (4 months ago)	[05/Feb/2026:21:01:33 +0100] 177032169319.464298 209.38.100.50 46218 HOST 443 [05/Feb/2026:21:01:33 ... show more [05/Feb/2026:21:01:33 +0100] 177032169319.464298 209.38.100.50 46218 HOST 443 [05/Feb/2026:21:01:33 +0100] 177032169327.850630 209.38.100.50 46230 HOST 443 [05/Feb/2026:21:01:34 +0100] 177032169464.332205 209.38.100.50 46236 HOST 443 show less	Web App Attack
🇺🇸 RogueAutomata	2026-02-05 19:37:15 (4 months ago)	Detected malicious request: GET /+CSCOL+/Java.jar Detections triggered: Access via IP addr (v4)	Web App Attack
🇬🇧 Interceptor_HQ	2026-02-05 19:14:44 (4 months ago)	request_uri: /+CSCOL+/Java.jar -- automatic report --	Hacking Brute-Force
🇫🇷 Security_Whaller	2026-02-05 18:18:37 (4 months ago)	Malicious activity detected on Honeypot.	Hacking Brute-Force Web App Attack
🇮🇳 Starburst SysOp Team	2026-02-05 17:21:00 (4 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-bom2-2)	Hacking Bad Web Bot
🇳🇱 Libra	2026-02-05 16:46:49 (4 months ago)	Fail2ban jail=apache-ddos increase=2	Web App Attack
Anonymous	2026-02-05 16:36:01 (4 months ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇺🇸 Hmorrin	2026-02-05 15:16:07 (4 months ago)		Port Scan

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.62.1.198

🇮🇩 110.137.210.102

🇮🇩 103.176.78.149

🇳🇱 45.94.31.112

🇺🇸 13.217.95.0

🇺🇸 13.89.125.253

🇸🇦 5.246.33.220

🇰🇷 211.223.182.96

🇲🇿 197.219.228.242

🇨🇳 175.31.147.26

🇹🇭 161.82.154.162

🇨🇦 142.0.253.24

🇮🇱 129.159.131.95

🇩🇪 84.16.246.228

🇰🇷 49.247.36.49

🇸🇬 47.82.14.21

🇧🇷 45.232.73.84

🇸🇬 45.77.168.83

🇨🇭 35.216.144.195

🇮🇷 5.239.159.14