JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.181.131

209.50.181.131 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.181.131

Whois 209.50.181.131

IP Abuse Reports for 209.50.181.131:

This IP address has been reported a total of 11 times from 6 distinct sources. 209.50.181.131 was first reported on October 12th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 COMAITE	2026-06-08 13:36:33 (6 days ago)	CMS (WordPress or Joomla) brute force attempt.	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-26 09:46:28 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 05:54:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:53:54.701142 2025] [security2:error] [pid 12234:tid 12234] [client 209.50.181.131:17367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.informativearticles.com"] [uri "/.git/HEAD"] [unique_id "aSVEcp0yeVsD25uA8EnvFAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:24:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:24:31.250611 2025] [security2:error] [pid 32718:tid 32718] [client 209.50.181.131:24303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.integratic.com.co"] [uri "/.svn/wc.db"] [unique_id "aSU9j6NBs3dPiVlwuwuhlwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:42:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:42:23.346470 2025] [security2:error] [pid 21583:tid 21583] [client 209.50.181.131:33461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weyoungreno.weyoungrenovations.com"] [uri "/.svn/wc.db"] [unique_id "aSUln2HOMHjmOj4P8J8gNgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:21.516883 2025] [security2:error] [pid 4866:tid 4866] [client 209.50.181.131:32857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dartylife.com"] [uri "/.git/HEAD"] [unique_id "aSUY9bTtcwTkiGfMlYBKjQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:06:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:06:45.971766 2025] [security2:error] [pid 18338:tid 18338] [client 209.50.181.131:59287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crochetfreepatterns.com"] [uri "/.svn/wc.db"] [unique_id "aSUPNfZD_Rb1aTe-5uzD4QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:07:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:07:31.098929 2025] [security2:error] [pid 21122:tid 21122] [client 209.50.181.131:35701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.frothnir.huginhof.org"] [uri "/.git/HEAD"] [unique_id "aSTzQ5rYvS0R0M2mxg4YmAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-10-17 04:21:55 (7 months ago)	2.384 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇦🇺 oncord	2025-10-12 00:59:09 (8 months ago)	Form spam	Web Spam

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 202.105.98.252

🇳🇱 93.123.72.183

🇺🇸 47.251.9.15

🇯🇵 35.187.222.91

🇮🇱 2a06:c701:43f0:2200:cde3:2159:8983:2e2e

🇬🇧 2a06:4880:c000::e2

🇸🇬 219.74.241.217

🇺🇸 216.25.89.98

🇧🇪 198.235.24.254

🇧🇷 177.43.105.11

🇫🇷 109.123.250.122

🇨🇳 101.96.198.153

🇩🇪 74.80.89.243

🇭🇰 8.217.213.2

🇺🇸 198.199.94.79

🇸🇬 194.5.82.114

🇧🇷 190.115.84.25

🇨🇦 146.190.249.251

🇺🇸 100.29.192.32

🇺🇸 74.7.227.40