JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.66

209.50.184.66 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.66

Whois 209.50.184.66

IP Abuse Reports for 209.50.184.66:

This IP address has been reported a total of 24 times from 13 distinct sources. 209.50.184.66 was first reported on November 21st 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-24 07:43:08 (4 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.66 - - [24/Jun/2026:08:43:04 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.66 - - [24/Jun/2026:08:43:04 +0100] POST /wp-login.php HTTP/1.1 200 7362 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Linux x86_64; rv:119.0) Gecko/20100101 Firefox/119.0 show less	Web App Attack
🇫🇷 solution.it	2026-06-20 21:42:51 (1 week ago)	[Sat Jun 20 23:42:49.927413 2026] [php7:error] [pid 1364088:tid 1364088] [client 209.50.184.66:15053 ... show more [Sat Jun 20 23:42:49.927413 2026] [php7:error] [pid 1364088:tid 1364088] [client 209.50.184.66:15053] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://informationsecurity.solution.it/wp-login.php show less	Web App Attack
🇫🇷 ELYAZ	2026-06-20 06:03:35 (1 week ago)	(y4) Failed scan -byebye- from 209.50.184.66 (ES/Spain/-): (CF_ENABLE)	Hacking
🇺🇸 bpolson	2026-06-15 17:11:03 (1 week ago)	WordPress Hacking/Scanning. (s1)	Hacking Web App Attack
🇲🇽 octageeks.com	2026-06-15 04:15:14 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇽 octageeks.com	2026-06-12 04:06:44 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 nationaleventpros.com	2026-05-23 13:42:16 (1 month ago)	WordPress login attempt	Brute-Force
🇮🇹 VINA	2026-05-02 02:08:53 (1 month ago)	Banned by SPAMHAUS DROP list	DDoS Attack Hacking Bad Web Bot Web App Attack
🇺🇸 windowsforum	2026-02-28 07:50:25 (4 months ago)	Spam bot registration: triggers=js_challenge, inv_honeypot, pow_fail, username=MariBar25	Web Spam Bad Web Bot
🇺🇸 JustMeHere	2026-02-23 09:26:49 (4 months ago)	[Mon Feb 23 04:26:45.498698 2026] [security2:error] [pid 56864:tid 56899] [client 209.50.184.66:6387 ... show more [Mon Feb 23 04:26:45.498698 2026] [security2:error] [pid 56864:tid 56899] [client 209.50.184.66:63875] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "images.yorknation.com"] [uri "/.git/config"] [unique_id "aZwdVQzEy3n4OoYcwQGWQwAAAIc"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:10:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:10:40.029479 2026] [security2:error] [pid 17221:tid 17221] [client 209.50.184.66:41503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galeriedorion.com"] [uri "/frontend/.env"] [unique_id "aYo_QDxzHZolr_wT2I9G6gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:27:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:27:36.541055 2026] [security2:error] [pid 12389:tid 12389] [client 209.50.184.66:17771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galengetting.com"] [uri "/new/.git/config"] [unique_id "aYnEqKM7839vUF6pGtQrQgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:01:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:01:25.208839 2026] [security2:error] [pid 32681:tid 32681] [client 209.50.184.66:47515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "g-drome.com"] [uri "/.env.save"] [unique_id "aYmiZYzsSUD2VXTRjBlszAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:54:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:54:18.284543 2026] [security2:error] [pid 1824799:tid 1824799] [client 209.50.184.66:35963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fvsllc.com"] [uri "/new/.git/config"] [unique_id "aYmSqngbS6RN0EqSjggnrgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-02-09 01:58:40 (4 months ago)	GET /.aws/credentials HTTP/1.1	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 212.34.11.201

🇹🇭 203.154.158.195

🇳🇱 185.242.226.19

🇳🇱 185.242.226.18

🇺🇸 162.216.149.224

🇧🇷 138.0.246.169

🇨🇳 121.29.84.137

🇲🇲 103.121.226.91

🇳🇱 91.92.40.12

🇳🇱 45.198.224.5

🇲🇼 41.75.114.30

🇱🇹 188.69.225.188

🇽🇰 185.186.83.87

🇨🇳 182.43.76.120

🇫🇷 167.17.64.175

🇺🇸 136.144.35.152

🇵🇰 111.92.145.9

🇩🇪 87.172.233.184

🇺🇸 31.97.7.29

🇩🇪 185.30.32.68