JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.182

209.50.184.182 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 32%: ?

32%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.182

Whois 209.50.184.182

IP Abuse Reports for 209.50.184.182:

This IP address has been reported a total of 15 times from 11 distinct sources. 209.50.184.182 was first reported on October 13th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-22 18:29:47 (1 hour ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.182 - - [22/Jun/2026:19:29:39 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.182 - - [22/Jun/2026:19:29:39 +0100] POST /wp-login.php HTTP/1.1 200 10080 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-21 14:03:03 (1 day ago)	(y4) Failed scan -byebye- from 209.50.184.182 (ES/Spain/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-18 20:21:30 (3 days ago)	(y4) Failed scan -byebye- from 209.50.184.182 (ES/Spain/-): (CF_ENABLE)	Hacking
🇺🇸 mnsf	2026-06-16 02:05:51 (6 days ago)	Login Too Frequent (6)	Brute-Force Web App Attack
🇩🇪 Tha_14	2026-06-12 12:48:12 (1 week ago)	Attempt to log in with non-existing username: alice.tulaeva	Bad Web Bot
🇦🇺 screwlooseit.com.au	2026-05-06 05:55:01 (1 month ago)	Blocked by CSF 13 firewall - Rule: US/United States/-	Web App Attack
🇳🇱 BlueWire Hosting	2026-05-01 17:27:35 (1 month ago)	Probing websites for vulnerabilities	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:58 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:13:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:13:15.308406 2025] [security2:error] [pid 17523:tid 17523] [client 209.50.184.182:22911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daretodreamproductions.homehealth101.com"] [uri "/.env"] [unique_id "aSQFi9yHRGlZ5yYEcSEJIAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:38:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:38:39.254011 2025] [security2:error] [pid 12916:tid 12916] [client 209.50.184.182:48405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.cygnetsilks.com"] [uri "/.env"] [unique_id "aSP9b6Y2Uepv8j9PSjunwAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:59:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:59:30.496461 2025] [security2:error] [pid 18194:tid 18298] [client 209.50.184.182:25509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.viasatsales.com"] [uri "/.git/HEAD"] [unique_id "aSP0Qu9urIyQu8V3f-3u3gAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:53:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:53:26.001985 2025] [security2:error] [pid 9086:tid 9086] [client 209.50.184.182:45189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.musicalmuses.com"] [uri "/.env"] [unique_id "aSPkxt21_6FUcZFami0PLwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2025-11-11 23:55:13 (7 months ago)	(Botnet_distributed) Probably botnet. Call spam script from 209.50.184.182 (ES/Spain/-): 1 in the la ... show more (Botnet_distributed) Probably botnet. Call spam script from 209.50.184.182 (ES/Spain/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2025-11-02 13:15:50 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:02:18	Port Scan Brute-Force Exploited Host Web App Attack
🇬🇧 N3ilawx	2025-10-13 21:15:55 (8 months ago)	Fail2Ban detect wrong:	Brute-Force Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.204.35.134

🇨🇳 111.42.132.19

🇹🇼 110.25.114.8

🇩🇪 69.5.169.93

🇰🇷 1.238.106.229

🇨🇳 223.199.181.20

🇩🇪 194.88.98.121

🇺🇸 172.104.215.178

🇺🇸 162.216.150.33

🇺🇸 147.185.132.176

🇺🇸 147.185.132.153

🇺🇸 147.185.132.132

🇹🇼 125.227.90.20

🇮🇩 103.49.223.111

🇮🇳 92.4.76.12

🇺🇸 66.132.172.212

🇺🇸 66.94.116.236

🇨🇳 60.166.82.229

🇬🇧 51.195.244.193

🇬🇧 35.203.210.58