JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.180.213

209.50.180.213 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.180.213

Whois 209.50.180.213

IP Abuse Reports for 209.50.180.213:

This IP address has been reported a total of 17 times from 6 distinct sources. 209.50.180.213 was first reported on November 19th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 VXG-NET	2026-06-10 18:36:26 (2 weeks ago)	port=80, indicator_type=info-leak	Hacking
🇫🇮 as211431.net	2026-06-02 12:56:26 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇮 as211431.net	2026-03-18 22:31:22 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 bsoft.de	2026-01-19 01:11:44 (5 months ago)	Blocked because of abusive behavior	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:59:12 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 08:35:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:35:37.384953 2025] [security2:error] [pid 14890:tid 14890] [client 209.50.180.213:11181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.explorediablo.com"] [uri "/.svn/wc.db"] [unique_id "aSa72WM2v2_WNCoQ97iGSAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:09:13 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:09:10.400011 2025] [security2:error] [pid 8570:tid 8570] [client 209.50.180.213:46915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.americanureport.com"] [uri "/.env"] [unique_id "aSanlhdzhiZF_N1F5uJH-gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:07:55 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:07:49.252825 2025] [security2:error] [pid 9828:tid 9828] [client 209.50.180.213:18773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.suralcopensioendesk.com"] [uri "/.git/HEAD"] [unique_id "aSaZNciLALz7_piYA1YurQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:31:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:31:11.725143 2025] [security2:error] [pid 29416:tid 29416] [client 209.50.180.213:55233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.memcoplast.com"] [uri "/.env"] [unique_id "aSZmb-2WBInPyHkj28_FkgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:26:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:25:52.485972 2025] [security2:error] [pid 19636:tid 19636] [client 209.50.180.213:55151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.darrenpeck.com"] [uri "/.env"] [unique_id "aSZJEEUTPXEii9mQ_t6rRgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:09:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:09:02.621620 2025] [security2:error] [pid 14510:tid 14510] [client 209.50.180.213:18043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nationalenq.com"] [uri "/.env"] [unique_id "aSU57oK3MJtfWc32up1x8AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:43:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:43:02.287570 2025] [security2:error] [pid 374:tid 374] [client 209.50.180.213:48045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.funnelfacelift.waggonerfinancial.com"] [uri "/.git/HEAD"] [unique_id "aSQoptbh5Ur-myMn7NxQywAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:15:49 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:15:45.689742 2025] [security2:error] [pid 19309:tid 19309] [client 209.50.180.213:39027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mydobdate.net"] [uri "/.svn/wc.db"] [unique_id "aSQiQZcLSz6h0x_U7-mcUgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:49:42 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:49:35.685607 2025] [security2:error] [pid 13524:tid 13524] [client 209.50.180.213:39569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.schonmusic.com"] [uri "/.env"] [unique_id "aSQcH8A_t7GnJipXn3jv3QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:47:27 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:47:21.577223 2025] [security2:error] [pid 8553:tid 8553] [client 209.50.180.213:33841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "austintrauma.com"] [uri "/.svn/wc.db"] [unique_id "aSQNiVzYZAPj_tE0ZxHr2QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 139.170.73.235

🇷🇺 80.65.30.25

🇭🇰 34.150.116.35

🇨🇳 27.18.138.199

🇸🇬 209.74.67.111

🇧🇷 177.135.206.10

🇭🇰 165.154.43.179

🇨🇳 119.109.122.165

🇱🇻 81.30.98.62

🇮🇳 61.3.17.110

🇳🇱 45.148.10.147

🇧🇪 34.79.14.247

🇺🇸 20.245.71.147

🇺🇸 18.188.56.10

🇬🇧 2a06:4880:c000::fc

🇳🇱 183.81.169.76

🇳🇱 176.65.149.212

🇺🇸 141.11.88.4

🇨🇳 125.47.140.28

🇧🇬 79.124.56.210