JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.182.206

209.50.182.206 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.182.206

Whois 209.50.182.206

IP Abuse Reports for 209.50.182.206:

This IP address has been reported a total of 29 times from 13 distinct sources. 209.50.182.206 was first reported on October 10th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-12 15:37:14 (12 hours ago)	(mod_security) mod_security (id:900001) triggered by 209.50.182.206: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.182.206: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:37:11.838027 2026] [security2:error] [pid 351315:tid 351442] [client 209.50.182.206:18189] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwnpy1k1uOF-ho73AcRlQAAABY"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-12 00:52:56 (1 day ago)	(mod_security) mod_security (id:900001) triggered by 209.50.182.206: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.182.206: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 03:52:54.075586 2026] [security2:error] [pid 52835:tid 52894] [client 209.50.182.206:14951] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitYZmTUdRqWy5D9zgOwwwAAAAs"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇫🇷 pm33	2026-06-10 16:22:16 (2 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-09 18:08:11 (3 days ago)	(y4) Failed scan -byebye- from 209.50.182.206 (DE/Germany/-): (CF_ENABLE)	Hacking
🇺🇸 oralunal	2026-03-28 16:47:55 (2 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2026-01-01 02:38:11 (5 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=burnschiro.com You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create predictable online in show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-28 00:08:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:08:28.967446 2025] [security2:error] [pid 16464:tid 16464] [client 209.50.182.206:50463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.united-kingdom-boat-registration.com"] [uri "/.svn/wc.db"] [unique_id "aSjn_F5qEFm6Zjrw-15GHAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 05:17:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 00:17:33.898310 2025] [security2:error] [pid 31982:tid 31982] [client 209.50.182.206:44791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.speedgo.mx"] [uri "/.env"] [unique_id "aSfe7aQbUSDFiAt6HWOV0AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:19:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:19:42.714219 2025] [security2:error] [pid 27993:tid 27993] [client 209.50.182.206:26495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.paulzaremba.com"] [uri "/.git/HEAD"] [unique_id "aSZxzoxsqtr3ysqDaenIewAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:43:23.284060 2025] [security2:error] [pid 1599:tid 1599] [client 209.50.182.206:41697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.guardiancns.com"] [uri "/.git/HEAD"] [unique_id "aSZNKwndD9OtUkcFul4C2wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:04:14 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:36:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:36:22.669632 2025] [security2:error] [pid 8420:tid 8420] [client 209.50.182.206:50173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jessicabaer.com"] [uri "/.svn/wc.db"] [unique_id "aSVOZgRpDY6Bw4VeNJlMKQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:46:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:46:23.203243 2025] [security2:error] [pid 26814:tid 26814] [client 209.50.182.206:33091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.imagesbyaubrey.com"] [uri "/.git/HEAD"] [unique_id "aSVCr6mfI54xVl1EjGbtggAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:09:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:09:28.830766 2025] [security2:error] [pid 17454:tid 17454] [client 209.50.182.206:60403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.vittariafashion.com"] [uri "/.svn/wc.db"] [unique_id "aSUr-AvGvm9YVmD9Gz0s7QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:45:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.182.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:45:27.620387 2025] [security2:error] [pid 28442:tid 28442] [client 209.50.182.206:24909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rudiscreations.org"] [uri "/.svn/wc.db"] [unique_id "aSUmV0P3ZIaUgn_l8_TrXwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.104.11.4

🇹🇼 107.167.178.88

🇳🇱 80.82.77.139

🇺🇸 44.205.120.192

🇧🇪 35.195.64.38

🇸🇬 34.126.164.149

🇮🇩 34.101.56.95

🇬🇧 193.176.29.3

🇷🇺 188.187.87.105

🇨🇳 180.184.84.77

🇨🇳 119.180.147.216

🇹🇭 118.193.56.229

🇨🇳 112.46.214.94

🇺🇸 47.251.1.246

🇺🇸 45.156.129.54

🇫🇮 34.88.43.14

🇹🇼 198.235.24.109

🇺🇸 173.252.69.115

🇵🇰 160.187.180.175

🇧🇩 103.76.47.163