JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.181.142

209.50.181.142 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.181.142

Whois 209.50.181.142

IP Abuse Reports for 209.50.181.142:

This IP address has been reported a total of 17 times from 7 distinct sources. 209.50.181.142 was first reported on December 2nd 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 jcbriar	2026-02-10 05:17:44 (3 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:47:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:47:43.167255 2026] [security2:error] [pid 9506:tid 9506] [client 209.50.181.142:34245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kitebeach.com"] [uri "/api/.env"] [unique_id "aYqqXyfM9JwSVxtoXjLHswAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:01:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:01:33.358812 2026] [security2:error] [pid 11060:tid 11060] [client 209.50.181.142:20919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/.git/config"] [unique_id "aYqRfaTf0T5DCrJmi6ziDgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:25:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:25:50.995835 2026] [security2:error] [pid 22164:tid 22164] [client 209.50.181.142:29763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khaoula.com"] [uri "/admin/.git/config"] [unique_id "aYqJHhSleKoIkPASbN_YbQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:47:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:47:33.034320 2026] [security2:error] [pid 2600475:tid 2600475] [client 209.50.181.142:21549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/dev/.git/config"] [unique_id "aYqAJRdoLFi_6TG7MvTf5wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Anymous	2026-02-10 00:33:39 (3 months ago)	GET /.env.staging HTTP/1.1 403 400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show more GET /.env.staging HTTP/1.1 403 400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:25:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:25:23.968722 2026] [security2:error] [pid 11019:tid 11019] [client 209.50.181.142:29587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "huddleston.construction"] [uri "/backup/.git/config"] [unique_id "aYp68yClP_hH__E3PCSy9QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:52:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:52:48.632220 2026] [security2:error] [pid 1570:tid 1605] [client 209.50.181.142:43811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howardhallis.com"] [uri "/admin/.git/config"] [unique_id "aYplQHeVpx3S5SN-NSqdWwAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-12-05 00:09:31 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 22:28:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:28:38.326956 2025] [security2:error] [pid 18849:tid 18849] [client 209.50.181.142:51187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teamspiro.com"] [uri "/.env"] [unique_id "aS9oFsOX2UNlQOsK_DIUzwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:32:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:32:44.802418 2025] [security2:error] [pid 18558:tid 18558] [client 209.50.181.142:10665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phoenixchicagorealty.com"] [uri "/.env"] [unique_id "aS6kLBKBdrDahTXGt0xuDAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2025-12-02 08:05:04 (6 months ago)	tcp/443; AWS credentials file access attempt: "GET /.aws/credentials" @ 2025-12-02T07:58:02Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:33:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:33:45.123393 2025] [security2:error] [pid 26399:tid 26408] [client 209.50.181.142:26623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sparkhypnotherapy.com"] [uri "/.git/HEAD"] [unique_id "aS56OUhlTJHE6APNwDEpKgAAAIc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:41:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:41:09.194641 2025] [security2:error] [pid 12740:tid 12740] [client 209.50.181.142:27797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoutmen.com"] [uri "/.env"] [unique_id "aS5t5RdLUHmH_oEP5_EGwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2400:cb00:997:1000:6163:f154:c574:18c7

🇳🇱 2400:cb00:996:1000:705c:8079:26a:312b

🇳🇱 2400:cb00:996:1000:1dec:741c:3549:8a5

🇳🇱 2400:cb00:995:1000:4faf:632c:9a0a:7ad1

🇨🇳 210.22.149.155

🇺🇸 172.202.118.45

🇨🇳 118.145.111.55

🇳🇱 2400:cb00:994:1000:90f6:7ed2:947b:7129

🇳🇱 2400:cb00:994:1000:252a:9858:d111:778c

🇳🇱 2400:cb00:556:1000:adcc:362:c66e:edbb

🇳🇱 2400:cb00:556:1000:8def:9404:dd2c:2f53

🇳🇱 2400:cb00:556:1000:7b41:8469:2e95:6f17

🇳🇱 2400:cb00:555:1000:eba3:edab:4fbf:f1e5

🇸🇬 202.76.138.215

🇦🇺 170.64.205.73

🇭🇰 165.154.42.100

🇺🇸 159.89.133.48

🇨🇳 153.0.40.82

🇺🇸 134.209.223.219

🇮🇩 103.191.14.210