JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.181.69

209.50.181.69 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.181.69

Whois 209.50.181.69

IP Abuse Reports for 209.50.181.69:

This IP address has been reported a total of 15 times from 10 distinct sources. 209.50.181.69 was first reported on October 4th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 08:15:36 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2026-04-19 02:07:56 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 mind5t0rm	2026-04-13 12:29:38 (1 month ago)	(WPLOGIN) WP Login Attack 209.50.181.69 (GB/United Kingdom/-): 3 in the last 3600 secs; Ports: ; Di ... show more (WPLOGIN) WP Login Attack 209.50.181.69 (GB/United Kingdom/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 209.50.181.69 - - [13/Apr/2026:19:28:59 +0700] "GET /wp-login.php HTTP/2.0" 200 3113 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 209.50.181.69 - - [13/Apr/2026:19:29:15 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 3113 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 209.50.181.69 - - [13/Apr/2026:19:29:37 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 200 3268 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 GabrielJST	2025-12-23 08:46:57 (5 months ago)	Port Scan detected from 209.50.181.69 (GB/United Kingdom/-).	Port Scan
🇬🇧 openstrike.co.uk	2025-12-11 09:16:45 (5 months ago)	9 packets to port 2083	Port Scan
🇪🇸 10dencehispahard SL	2025-12-03 07:57:20 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇫🇷 masterguru	2025-11-25 14:33:58 (6 months ago)	Request content type is not allowed by policy. Match of "within %{tx.allowed_request_content_type}" ... show more Request content type is not allowed by policy. Match of "within %{tx.allowed_request_content_type}" against "TX:content_type" required. (920420-193) show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:19:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:19:54.954264 2025] [security2:error] [pid 1729:tid 1729] [client 209.50.181.69:39259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gods-law.com"] [uri "/.env"] [unique_id "aSQHGs4uaZ2a4jDb-QZEdQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:27:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:27:11.582573 2025] [security2:error] [pid 30252:tid 30252] [client 209.50.181.69:55819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.rescuedpekes.com"] [uri "/.git/HEAD"] [unique_id "aSP6v4NUpoQ7gORpr-_QngAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:46:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:45:20.598018 2025] [security2:error] [pid 3087:tid 3087] [client 209.50.181.69:51661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fables4teenagers.com"] [uri "/.svn/wc.db"] [unique_id "aSPw8CkAj48aqUn3FFc-qAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:31:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:31:34.423930 2025] [security2:error] [pid 2807:tid 2807] [client 209.50.181.69:52863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.idahouspsa.com"] [uri "/.env"] [unique_id "aSPfpkQoDUdth7CKrg_v-QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-10-10 10:54:13 (7 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-10-09 04:25:25 (7 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-10-04 04:09:43 (8 months ago)	Form spam	Web Spam

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 45.178.70.3

🇫🇷 2a02:4780:27:1846:0:90d:a52c:1

🇮🇳 217.21.90.62

🇩🇪 206.81.24.227

🇹🇷 185.128.114.124

🇹🇷 185.128.114.121

🇩🇪 164.92.244.132

🇺🇸 162.216.150.195

🇺🇸 148.153.56.170

🇺🇸 147.185.132.161

🇰🇷 112.175.29.94

🇨🇳 106.53.10.16

🇨🇳 101.201.38.226

🇺🇸 66.132.186.214

🇰🇷 61.37.150.6

🇺🇸 54.145.22.130

🇳🇱 45.148.10.147

🇪🇬 41.38.174.133

🇺🇸 40.80.204.175

🇺🇸 34.224.66.163