JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.81

209.50.184.81 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 28%: ?

28%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.81

Whois 209.50.184.81

IP Abuse Reports for 209.50.184.81:

This IP address has been reported a total of 19 times from 11 distinct sources. 209.50.184.81 was first reported on November 24th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 webgobe	2026-06-22 09:21:56 (5 days ago)	wew-Joomla User : try to access forms...	Hacking
🇫🇷 pm33	2026-06-17 04:10:23 (1 week ago)	Wordpress login attempts	Brute-Force
🇺🇸 LSPCCU	2026-06-16 01:41:49 (1 week ago)	TSEC Honeypot Network report. Threat score: 68/100. Categories: Hacking. Honeypot: ssh-telnet, cowri ... show more TSEC Honeypot Network report. Threat score: 68/100. Categories: Hacking. Honeypot: ssh-telnet, cowrie. Context: 209. show less	Hacking
🇺🇸 TAY	2026-06-14 07:38:07 (1 week ago)	209.50.184.81 - - [14/Jun/2026:15:38:04 +0800] "GET /wp-content/plugins/photocart-link/decode.php?id ... show more 209.50.184.81 - - [14/Jun/2026:15:38:04 +0800] "GET /wp-content/plugins/photocart-link/decode.php?id=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 301 571 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 209.50.184.81 - - [14/Jun/2026:15:38:06 +0800] "GET /wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 301 601 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 209.50.184.81 - - [14/Jun/2026:15:38:07 +0800] "GET /wp-content/plugins/pictpress/resize.php?size=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 301 565 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" ... show less	Brute-Force
🇫🇷 ELYAZ	2026-06-12 02:36:55 (2 weeks ago)	(y4) Failed scan -byebye- from 209.50.184.81 (ES/Spain/-): (CF_ENABLE)	Hacking
🇦🇺 ktwrd	2026-02-19 11:44:00 (4 months ago)	Mastodon account creation spam (advertising AI agents for business, in russian)	Web Spam
🇲🇾 Rizzy	2026-02-12 00:52:44 (4 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-12-04 22:56:04 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-56.209.50.184.81.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-56.209.50.184.81.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:49:02 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:48:56.377461 2025] [security2:error] [pid 30716:tid 30716] [client 209.50.184.81:12895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magicflon.transportadoresaereos.com"] [uri "/.svn/wc.db"] [unique_id "aSa--D9Sq2apsnhZ3cH7VwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:28:30 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:28:23.886830 2025] [security2:error] [pid 7681:tid 7681] [client 209.50.184.81:16457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.dreamlikeitmatters.com"] [uri "/.git/HEAD"] [unique_id "aSaB5-mTOcOyKEj60WzCLAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:33:09 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:33:06.452439 2025] [security2:error] [pid 16145:tid 16145] [client 209.50.184.81:51407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ironpagoda.com"] [uri "/.git/HEAD"] [unique_id "aSZm4q0e7nc9D2dUE1kXtAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-25 18:01:28 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 05:35:52 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:35:46.437379 2025] [security2:error] [pid 1861:tid 1861] [client 209.50.184.81:31715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rallyasturias.com"] [uri "/.git/HEAD"] [unique_id "aSVAMlluegW_VM0p0UgbHwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:49:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:49:30.710973 2025] [security2:error] [pid 2753:tid 2753] [client 209.50.184.81:52057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrow.biz"] [uri "/.git/HEAD"] [unique_id "aSUZOuxnJ8u6Z1K0yqp6igAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:25 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:20.597327 2025] [security2:error] [pid 7119:tid 7119] [client 209.50.184.81:46033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.verdadesreales.com"] [uri "/.svn/wc.db"] [unique_id "aSUU-LHqhh6SDjh0-E47rQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 194.195.91.10

🇺🇸 162.216.149.219

🇨🇳 101.200.243.197

🇬🇧 87.106.65.126

🇩🇪 2a0b:f4c2:1::1

🇺🇸 172.185.167.33

🇻🇳 113.182.15.188

🇰🇷 110.14.190.221

🇨🇳 106.13.39.89

🇸🇪 82.118.29.229

🇧🇾 81.30.98.142

🇧🇬 78.128.114.58

🇺🇦 31.42.178.48

🇺🇸 13.217.222.123

🇸🇬 8.219.221.108

🇦🇪 2.50.228.68

🇨🇳 183.251.230.98

🇮🇳 125.16.27.190

🇵🇱 87.251.64.144

🇸🇪 82.118.29.233