JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.92

209.50.184.92 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 33%: ?

33%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.92

Whois 209.50.184.92

IP Abuse Reports for 209.50.184.92:

This IP address has been reported a total of 29 times from 16 distinct sources. 209.50.184.92 was first reported on October 10th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-15 15:21:57 (1 day ago)	209.50.184.92 - - [15/Jun/2026:17:21:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 209.50.184.92 - - [15/Jun/2026:17:21:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0" show less	Hacking Web App Attack
🇬🇧 poundawebsiteltd	2026-06-11 11:31:43 (5 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.92 - - [11/Jun/2026:12:31:40 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.184.92 - - [11/Jun/2026:12:31:40 +0100] POST /wp-login.php HTTP/1.1 301 3454 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15 show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-01 08:36:16 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-05-31 23:36:17 (2 weeks ago)	(y4) Failed scan -byebye- from 209.50.184.92 (ES/Spain/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-05-29 16:06:25 (2 weeks ago)	209.50.184.92 - - [29/May/2026:18:06:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 209.50.184.92 - - [29/May/2026:18:06:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇫🇷 pm33	2026-05-25 22:29:02 (3 weeks ago)	Wordpress login attempts	Brute-Force
🇬🇧 PeravixGroup	2026-05-07 00:12:00 (1 month ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇾 Rizzy	2026-04-20 08:03:23 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:39 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-08 17:37:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 12:37:32.643620 2025] [security2:error] [pid 29599:tid 29607] [client 209.50.184.92:60819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mhrocket.com"] [uri "/.svn/wc.db"] [unique_id "aTcM3OFGHylkPkpqWn8lEgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:33:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:33:40.824450 2025] [security2:error] [pid 25043:tid 25043] [client 209.50.184.92:13579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "technoware-lb.com"] [uri "/.env"] [unique_id "aTLtRCP8iEwquCjjQoD1xAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:40:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:40:50.428398 2025] [security2:error] [pid 22834:tid 22834] [client 209.50.184.92:32663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teleplussolutions.com"] [uri "/.git/HEAD"] [unique_id "aTJGMqWH2lt0PAdE4Jyb3QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:04:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:04:37.843263 2025] [security2:error] [pid 18944:tid 18944] [client 209.50.184.92:37543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kunzteam.com"] [uri "/.git/HEAD"] [unique_id "aTIvpVQ32tWLO-qPA2uulgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 18:27:57 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/21 12:22:59	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 178.209.93.201

🇺🇸 45.79.191.178

🇺🇸 2607:f8b0:4001:c0c::125

🇱🇰 220.247.235.22

🇦🇷 190.244.39.224

🇺🇸 172.245.225.106

🇻🇳 125.212.244.35

🇨🇳 124.193.81.23

🇬🇧 90.252.102.27

🇦🇲 87.241.172.204

🇨🇦 85.217.149.5

🇰🇷 59.6.72.106

🇨🇳 42.249.228.42

🇺🇸 35.221.24.253

🇮🇳 210.212.28.141

🇲🇦 196.217.165.45

🇺🇸 141.148.144.51

🇨🇳 119.4.22.233

🇹🇷 88.225.231.195

🇧🇷 45.205.1.246