JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.180.86

209.50.180.86 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.180.86

Whois 209.50.180.86

IP Abuse Reports for 209.50.180.86:

This IP address has been reported a total of 18 times from 7 distinct sources. 209.50.180.86 was first reported on October 17th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-19 04:37:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:37:25.104120 2026] [security2:error] [pid 10768:tid 10768] [client 209.50.180.86:9437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knowbuddy.org"] [uri "/app/.env"] [unique_id "aZaThaRF8Rubcd7tWpae4QAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-19 03:38:19 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:21:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:21:08.695921 2026] [security2:error] [pid 22067:tid 22067] [client 209.50.180.86:40489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keyspring-niseko.com"] [uri "/.git/config"] [unique_id "aZaBpGW-UhWwuokEwQMxpAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:10:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:10:36.984091 2026] [security2:error] [pid 23690:tid 23690] [client 209.50.180.86:13023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katherinehowell.us"] [uri "/backend/.env"] [unique_id "aZZxHJqSx7yon9fgibE44QAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:57:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:57:03.894756 2026] [security2:error] [pid 2224:tid 2224] [client 209.50.180.86:61337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walkingwithghosts.com"] [uri "/.env"] [unique_id "aZZf35VIi3jsrYpc0U8c4AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-18 20:40:23 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:16:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:16:26.523619 2026] [security2:error] [pid 4631:tid 4631] [client 209.50.180.86:62349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trasimeno.ws"] [uri "/.env.production"] [unique_id "aZYeGmDKD4pWH-Iu6FUnOAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:53:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:53:34.395859 2026] [security2:error] [pid 6976:tid 6998] [client 209.50.180.86:36691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "torreymanagement.com"] [uri "/v2/.git/config"] [unique_id "aZYYvi0eKVajTgEacMaK2QAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:36:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:36:48.497150 2026] [security2:error] [pid 26517:tid 26517] [client 209.50.180.86:55849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewritekellys.com"] [uri "/test/.git/config"] [unique_id "aZYGwIzic1qRfY84TXX1DQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-02-18 13:06:17 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-01-20 22:52:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 17:51:52.591568 2026] [security2:error] [pid 21665:tid 21665] [client 209.50.180.86:44627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gonzalez.com"] [uri "/.env"] [unique_id "aXAHCNull6I_zxKpaC_X8gAAADc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 22:22:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:22:26.405870 2025] [security2:error] [pid 20058:tid 20058] [client 209.50.180.86:25653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibeautyexchange.com"] [uri "/.svn/wc.db"] [unique_id "aSjPIidsGKrPNlJebJVgFgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:42:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.180.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:42:20.916520 2025] [security2:error] [pid 27441:tid 27441] [client 209.50.180.86:60629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.boatpeople.org"] [uri "/.env"] [unique_id "aSQofIW7y808oVE9GhHIbAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-11-24 07:20:46 (6 months ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: hwagm.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: DE Method: GET Timestamp: 2025-11-24T07:20:46Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.29.196.162

🇺🇸 216.24.210.95

🇫🇷 195.154.61.169

🇭🇰 139.198.113.29

🇫🇷 130.49.114.153

🇳🇱 45.148.10.157

🇧🇪 198.235.24.244

🇺🇸 147.185.132.213

🇨🇳 106.75.137.178

🇮🇳 103.168.241.32

🇺🇸 98.159.37.27

🇬🇧 89.37.172.158

🇳🇱 85.11.167.11

🇺🇸 52.167.144.66

🇷🇺 45.132.18.40

🇷🇺 31.173.2.172

🇺🇸 216.73.163.138

🇬🇧 195.96.139.121

🇺🇸 184.105.247.238

🇮🇳 157.51.134.191