JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.183.16

209.50.183.16 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.183.16

Whois 209.50.183.16

IP Abuse Reports for 209.50.183.16:

This IP address has been reported a total of 20 times from 8 distinct sources. 209.50.183.16 was first reported on November 2nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-27 18:35:00 (1 day ago)	209.50.183.16 - - [27/Jun/2026:20:35:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 209.50.183.16 - - [27/Jun/2026:20:35:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Hacking Web App Attack
🇩🇪 MusicLibrary	2026-04-22 12:26:00 (2 months ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-04-22 12:19:51 (2 months ago)	209.50.183.16 - - [22/Apr/2026:14:19:50 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTTP ... show more 209.50.183.16 - - [22/Apr/2026:14:19:50 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTTP/1.1" 403 440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:56:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:37.842894 2026] [security2:error] [pid 26522:tid 26522] [client 209.50.183.16:36823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnerakhareedu.com"] [uri "/backup/.git/config"] [unique_id "aZaJ9akPfDsOikJXqh9UtgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:28:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:28:27.583076 2026] [security2:error] [pid 16635:tid 16635] [client 209.50.183.16:25129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kbalan.com"] [uri "/v2/.git/config"] [unique_id "aZZ1S0PG9-nVDdKqq28rYgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 21:01:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 16:01:17.100060 2026] [security2:error] [pid 2493665:tid 2493665] [client 209.50.183.16:29281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ttlatl.com"] [uri "/.env.production"] [unique_id "aZYonZy2tynM3IdQmQ82VAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:10:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:10:07.102813 2026] [security2:error] [pid 7580:tid 7580] [client 209.50.183.16:61443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trailofcrumbs.com"] [uri "/new/.git/config"] [unique_id "aZYcn9Q6O2Hethp3svVA6gAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:40:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:40:43.885546 2026] [security2:error] [pid 15371:tid 15371] [client 209.50.183.16:41993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinkerblox.com"] [uri "/dev/.git/config"] [unique_id "aZYHq20HokUjBRpRUcJV8gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Bensay	2026-02-18 17:28:15 (4 months ago)	[Wed Feb 18 18:28:14.819576 2026] [authz_core:error] [pid 2597112:tid 2597172] [client 209.50.183.16 ... show more [Wed Feb 18 18:28:14.819576 2026] [authz_core:error] [pid 2597112:tid 2597172] [client 209.50.183.16:13859] AH01630: client denied by server configuration: /var/www/empty/app [Wed Feb 18 18:28:14.959756 2026] [authz_core:error] [pid 2597112:tid 2597174] [client 209.50.183.16:13859] AH01630: client denied by server configuration: /var/www/empty/backend ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:48:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:48:07.739677 2026] [security2:error] [pid 1146:tid 1146] [client 209.50.183.16:34527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wanderlust-fineartphotos.com"] [uri "/app/.env"] [unique_id "aZWm92ny2GdQ0tHLLQXyDAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:38 (7 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 04:24:08 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:01.726536 2025] [security2:error] [pid 786040:tid 786040] [client 209.50.183.16:18259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.meritfloorstx.com"] [uri "/.git/HEAD"] [unique_id "aSUvYasrWUyMZMR6jvfP4wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:37:35 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:37:31.286240 2025] [security2:error] [pid 8939:tid 8939] [client 209.50.183.16:13251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.beautifulnoise.com"] [uri "/.svn/wc.db"] [unique_id "aSUWa0fQNqbWhvtbh9bkawAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:39:33 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.183.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:23:08.528261 2025] [security2:error] [pid 10195:tid 10195] [client 209.50.183.16:10579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.daterapebooks.com"] [uri "/.svn/wc.db"] [unique_id "aST27CNSV_FzVi-jR8PHeAAAAGA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 13:20:10 (7 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.118.173.234

🇨🇳 218.0.56.78

🇨🇱 201.238.213.108

🇸🇬 172.217.97.29

🇺🇸 172.69.17.66

🇨🇳 119.51.162.96

🇯🇵 40.126.13.8

🇩🇪 207.154.205.200

🇨🇴 206.62.136.130

🇧🇷 187.87.126.15

🇮🇩 163.223.227.37

🇻🇳 160.187.147.124

🇮🇪 109.255.139.144

🇳🇬 102.88.108.91

🇺🇸 98.159.37.70

🇺🇸 20.163.15.172

🇹🇭 182.52.133.238

🇧🇷 170.82.155.197

🇩🇪 162.19.243.145

🇰🇷 125.132.34.65