JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.121

209.50.184.121 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 53%: ?

53%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.121

Whois 209.50.184.121

IP Abuse Reports for 209.50.184.121:

This IP address has been reported a total of 29 times from 18 distinct sources. 209.50.184.121 was first reported on December 2nd 2025, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 georgengelmann	2026-06-20 06:13:43 (10 hours ago)	Failed login attempt for admin001	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-20 06:01:35 (10 hours ago)	(y4) Failed scan -byebye- from 209.50.184.121 (ES/Spain/-): (CF_ENABLE)	Hacking
🇲🇽 octageeks.com	2026-06-20 04:15:48 (12 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇮🇹 Progetto1	2026-06-20 01:15:02 (15 hours ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇲🇹 Malta	2026-06-19 20:15:14 (20 hours ago)	209.50.184.121 - - [19/Jun/2026:22:15:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 209.50.184.121 - - [19/Jun/2026:22:15:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0" show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-19 06:10:05 (1 day ago)	Wordfence waf block on ncrsol	Web App Attack
Anonymous	2026-06-19 05:56:59 (1 day ago)	209.50.184.121 - - [19/Jun/2026:13:56:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 ... show more 209.50.184.121 - - [19/Jun/2026:13:56:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇲🇹 Malta	2026-06-16 00:48:04 (4 days ago)	209.50.184.121 - - [16/Jun/2026:02:48:03 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 209.50.184.121 - - [16/Jun/2026:02:48:03 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-12 15:37:59 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 209.50.184.121: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.184.121: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:37:56.093356 2026] [security2:error] [pid 351529:tid 351557] [client 209.50.184.121:45085] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwn1Gm9gdo9fuJjoHgWjgAAAUE"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇬🇧 spamverify.com	2026-06-12 04:10:58 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 oncord	2026-03-02 06:26:34 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-10 02:56:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:56:09.545249 2026] [security2:error] [pid 1163:tid 1163] [client 209.50.184.121:17869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingdomway.church"] [uri "/site/.git/config"] [unique_id "aYqeSXD6mSYzNXCPfCD0cAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:33:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:33:15.379112 2026] [security2:error] [pid 23648:tid 23648] [client 209.50.184.121:26545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khodel.info"] [uri "/site/.git/config"] [unique_id "aYqK2_VREpDi7d7sCXl2JwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 18:41:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 13:41:54.399774 2026] [security2:error] [pid 32267:tid 32267] [client 209.50.184.121:61795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fwa51.com"] [uri "/api/.env"] [unique_id "aYoqck20rFFY4JiD1PwoBwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 16:41:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 11:41:36.967529 2026] [security2:error] [pid 17261:tid 17261] [client 209.50.184.121:38107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuegolounge813.com"] [uri "/admin/.git/config"] [unique_id "aYoOQEVciD_U2GOv-hHVcgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 49.205.147.246

🇦🇲 178.160.228.254

🇮🇳 98.70.3.41

🇮🇩 36.74.215.217

🇩🇪 194.88.98.83

🇬🇧 185.166.40.12

🇺🇸 162.216.150.229

🇩🇪 109.250.3.113

🇷🇴 80.94.92.166

🇷🇴 80.94.92.165

🇻🇳 202.158.244.203

🇻🇳 113.168.60.202

🇮🇳 103.38.219.22

🇧🇷 20.226.73.88

🇮🇳 2409:4090:b001:8830:5d76:f30f:d295:58fb

🇷🇺 185.40.31.18

🇸🇪 158.174.211.17

🇺🇸 147.185.132.21

🇰🇷 115.91.48.142

🇬🇧 87.106.44.172