JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.180.208

209.50.180.208 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.180.208

Whois 209.50.180.208

IP Abuse Reports for 209.50.180.208:

This IP address has been reported a total of 30 times from 15 distinct sources. 209.50.180.208 was first reported on October 25th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-24 12:33:26 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
🇩🇪 iNetWorker	2026-06-06 19:40:02 (2 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇦🇺 oncord	2026-04-12 20:27:41 (2 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-04-08 12:43:20 (2 months ago)	Form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇸🇬 securejdprop	2026-03-22 04:33:11 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 60). Ip 209.50.180.208 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-03-22 04:33:10.254925904 +0000 UTC show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:14:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:14:11.755856 2026] [security2:error] [pid 1164323:tid 1164345] [client 209.50.180.208:64683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iacsb.com"] [uri "/wp/.git/config"] [unique_id "aYqig5u0XmnEVHvC_jKPBgAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:37:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:36:55.020096 2026] [security2:error] [pid 2681:tid 2681] [client 209.50.180.208:30855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshs82.com"] [uri "/.env.staging"] [unique_id "aYpvl4SNlpjYqzcwzch5SAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:52:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:52:39.230588 2026] [security2:error] [pid 5899:tid 5916] [client 209.50.180.208:25263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howardhallis.com"] [uri "/app/.env"] [unique_id "aYplNxiTYUJElKef9bxiTQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:01:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:01:00.486310 2026] [security2:error] [pid 30563:tid 30563] [client 209.50.180.208:54223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katharinanitzpon.com"] [uri "/api/.env"] [unique_id "aYpZHDRbyRBWp_854GOmpwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:09:07.651755 2026] [security2:error] [pid 16011:tid 16011] [client 209.50.180.208:39013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenjoyce.com"] [uri "/api/.env"] [unique_id "aYpM8zu5sqva2S0yTY2h7AAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:48 (4 months ago)	Blocking for trying to access an exploit file: /api/.env	Hacking
🇦🇺 oncord	2026-01-20 16:40:18 (5 months ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-01-14 04:07:27 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-07.209.50.180.208.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-07.209.50.180.208.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2026-01-02 09:40:16 (5 months ago)	Form spam	Web Spam

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 159.183.122.8

🇺🇸 216.25.89.130

🇩🇪 213.209.159.225

🇸🇪 188.126.240.80

🇵🇭 154.18.197.35

🇺🇸 147.185.132.226

🇸🇬 118.26.111.107

🇺🇸 100.29.160.53

🇴🇲 96.9.133.17

🇩🇪 91.107.248.103

🇺🇸 65.49.1.232

🇱🇹 62.60.130.219

🇮🇪 54.77.60.62

🇳🇱 51.158.205.47

🇩🇪 43.228.157.10

🇹🇷 37.202.48.231

🇳🇱 5.61.209.43

🇨🇳 203.189.221.17

🇺🇸 195.184.76.93

🇳🇱 195.178.110.232