JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.181.149

209.50.181.149 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.181.149

Whois 209.50.181.149

IP Abuse Reports for 209.50.181.149:

This IP address has been reported a total of 14 times from 5 distinct sources. 209.50.181.149 was first reported on November 24th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-09 19:28:09 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 03:52:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:52:52.755280 2026] [security2:error] [pid 2738886:tid 2738886] [client 209.50.181.149:55129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittensquid.com"] [uri "/.git/config"] [unique_id "aYqrlL4hPeTs8b0vL3kr3QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:06:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:06:37.391543 2026] [security2:error] [pid 11367:tid 11367] [client 209.50.181.149:22641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingstoneproperties.com"] [uri "/v2/.git/config"] [unique_id "aYqgvaaoBV4BaFdgFS6pDAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 02:24:42 (4 months ago)	Blocking for trying to access an exploit file: /backup/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 23:36:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:36:53.576613 2026] [security2:error] [pid 2750:tid 2750] [client 209.50.181.149:40465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshs82.com"] [uri "/.env"] [unique_id "aYpvlchkjWoewXDZKn2F6gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:44:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:44:39.638871 2026] [security2:error] [pid 6554:tid 6554] [client 209.50.181.149:34375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honigcpa.com"] [uri "/v2/.git/config"] [unique_id "aYpHN-3R249nX5H5Go5FrgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-16 14:34:57 (5 months ago)	wordpress-trap	Web App Attack
🇪🇸 loadsoporte	2025-11-26 08:47:20 (6 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 05:36:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:36:27.518541 2025] [security2:error] [pid 31060:tid 31060] [client 209.50.181.149:39141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.bjennehall.com"] [uri "/.svn/wc.db"] [unique_id "aSaR22uFtoASo-eMOV-qTwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:49:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:03.576859 2025] [security2:error] [pid 2738:tid 2738] [client 209.50.181.149:24185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.atcreport.com"] [uri "/.env"] [unique_id "aSQN7xBt22HJ5ZWG9onVJwAAADg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:59:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:59:06.393078 2025] [security2:error] [pid 26378:tid 26378] [client 209.50.181.149:33619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jitterbugperfume.com"] [uri "/.env"] [unique_id "aSQCOg2l5c8AX48ZuigswAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:56:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:56:44.139847 2025] [security2:error] [pid 4133561:tid 4133566] [client 209.50.181.149:49275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myhoustonplasticsurgery.com.aafm.us"] [uri "/.svn/wc.db"] [unique_id "aSPznM6lE8qghk7QOEVEigAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:20:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:20:38.647600 2025] [security2:error] [pid 2268:tid 2268] [client 209.50.181.149:43129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.cyber-matrix.org"] [uri "/.git/HEAD"] [unique_id "aSPrJow7wqbxCbRoe621_wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:38.179510 2025] [security2:error] [pid 9778:tid 9778] [client 209.50.181.149:10837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bodybuildbid.com"] [uri "/.git/HEAD"] [unique_id "aSPf5h2WKKiKXWIh7LQARAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 103.146.158.57

🇫🇷 90.3.37.230

🇨🇦 85.217.149.48

🇭🇰 45.142.154.99

🇨🇳 36.144.74.39

🇬🇧 35.203.210.106

🇧🇷 205.210.31.145

🇮🇹 188.152.238.126

🇮🇩 182.9.48.180

🇺🇸 136.112.211.88

🇮🇳 125.19.160.206

🇫🇷 85.217.140.11

🇺🇸 66.132.186.170

🇺🇸 50.6.228.32

🇺🇸 44.143.194.150

🇬🇧 193.163.125.247

🇸🇦 188.52.48.146

🇧🇷 179.184.85.167

🇺🇸 173.48.128.117

🇫🇮 172.253.83.214