JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.180.200

209.50.180.200 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.180.200

Whois 209.50.180.200

IP Abuse Reports for 209.50.180.200:

This IP address has been reported a total of 13 times from 6 distinct sources. 209.50.180.200 was first reported on December 14th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-23 18:15:10 (5 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-05-03 15:32:21 (1 month ago)	209.50.180.200 - - [03/May/2026:23:32:21 +0800] "GET /.env HTTP/1.1" 301 236 "-" "Mozilla/5.0 (Linux ... show more 209.50.180.200 - - [03/May/2026:23:32:21 +0800] "GET /.env HTTP/1.1" 301 236 "-" "Mozilla/5.0 (Linux; Android 9; LLD-AL10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 11:25:46 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 06:25:43.473498 2025] [security2:error] [pid 2644682:tid 2644707] [client 209.50.180.200:56621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettleofgold.com"] [uri "/.env"] [unique_id "aVJlN4bE9pXjh74wbNagpAAAAJU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 09:47:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:47:43.693967 2025] [security2:error] [pid 13229:tid 13229] [client 209.50.180.200:14825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amatosdrywall.com"] [uri "/.svn/wc.db"] [unique_id "aVJOP2RYkpIPOd3C9f_YywAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:30:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:29:56.665229 2025] [security2:error] [pid 6553:tid 6553] [client 209.50.180.200:23055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "littlepeopledelivery.com"] [uri "/.git/HEAD"] [unique_id "aVIf5O0UJKEZFSZ81Or8nwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:37:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:37.664082 2025] [security2:error] [pid 17816:tid 17816] [client 209.50.180.200:43961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/.svn/wc.db"] [unique_id "aVIToU5ljkV_gclaRFksXgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:07:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:07:13.949734 2025] [security2:error] [pid 12950:tid 12950] [client 209.50.180.200:21389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "misscharlottemusic.com"] [uri "/.svn/wc.db"] [unique_id "aVIMgXjzFcwT3tSzVOvq4gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:16:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:03.938329 2025] [security2:error] [pid 21583:tid 21583] [client 209.50.180.200:13821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cajunfriedturkey.com"] [uri "/.svn/wc.db"] [unique_id "aVIAg79QfiyZBwaKFCR8MAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:42:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:42:53.686255 2025] [security2:error] [pid 26107:tid 26107] [client 209.50.180.200:59445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "westernweddingnapkins.com"] [uri "/.env"] [unique_id "aVH4vbGSPk3P3Re6GZUaJwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-25 07:18:05 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 02:18:00.016364 2025] [security2:error] [pid 21952:tid 21952] [client 209.50.180.200:17877] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|magacine.tv\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "magacine.tv"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aUzlKNeHgGpRUfa1C6tupgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 05:45:12 (6 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇧🇷 hostseries	2025-12-24 04:59:26 (6 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-12-14 20:38:23 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.206.182.220

🇨🇦 85.217.149.28

🇨🇳 47.96.85.128

🇺🇸 44.202.77.53

🇬🇧 2a03:b0c0:1:e0:0:1:8a29:1001

🇺🇸 2001:470:1:fb5::187

🇵🇰 175.107.244.96

🇨🇳 171.108.182.228

🇮🇩 163.7.11.155

🇭🇰 144.48.243.18

🇬🇧 138.68.154.41

🇺🇸 104.243.35.45

🇺🇸 65.49.1.93

🇫🇷 62.210.142.162

🇺🇸 44.38.59.230

🇻🇳 42.96.20.16

🇯🇵 20.89.48.223

🇺🇸 18.207.79.144

🇨🇳 14.103.111.110

🇫🇷 5.39.1.238