JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.185.200

209.50.185.200 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.185.200

Whois 209.50.185.200

IP Abuse Reports for 209.50.185.200:

This IP address has been reported a total of 7 times from 5 distinct sources. 209.50.185.200 was first reported on September 29th 2025, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-11 11:47:08 (22 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 4server	2026-04-21 08:05:16 (1 month ago)	[TueApr2110:05:10.6669042026][security2:error][pid3025243:tid3025350][client209.50.185.200:0]ModSecu ... show more [TueApr2110:05:10.6669042026][security2:error][pid3025243:tid3025350][client209.50.185.200:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"eselectronic.ch\"][uri\"/db.sql\"][unique_id\"aecvtmR1Z2zCLsvvYp9bKwAAAFU\"] show less	Port Scan Brute-Force Web App Attack
🇧🇪 voormedia	2026-02-26 00:52:14 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:05:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:05:35.751918 2026] [security2:error] [pid 12808:tid 12815] [client 209.50.185.200:13421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.click"] [uri "/app/.git/config"] [unique_id "aYqgfytDVRwtbLhRmDQEJQAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:22:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:22:52.354266 2026] [security2:error] [pid 5269:tid 5275] [client 209.50.185.200:24783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/.env"] [unique_id "aYqWfLk8htmo_Z-NcJ692wAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:20:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:20:42.408278 2026] [security2:error] [pid 17297:tid 17297] [client 209.50.185.200:63227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keeran.org"] [uri "/new/.git/config"] [unique_id "aYpryk0Dt0RVGeBaFrX0SgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Phenix Info	2025-09-29 12:10:06 (8 months ago)	SSH Login failed	Brute-Force SSH

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.126.83.166

🇨🇭 209.99.189.177

🇳🇱 193.176.31.215

🇻🇳 116.110.149.163

🇨🇳 101.96.201.243

🇹🇼 198.235.24.126

🇩🇪 154.194.88.232

🇫🇷 84.247.185.85

🇪🇸 82.159.176.21

🇭🇰 47.238.224.91

🇳🇱 45.148.10.200

🇮🇷 31.14.86.2

🇮🇶 185.166.25.150

🇮🇹 185.15.168.188

🇬🇧 172.94.9.120

🇹🇭 118.193.57.59

🇺🇸 109.105.210.100

🇮🇳 106.0.59.2

🇺🇸 103.143.231.2

🇺🇸 73.21.28.14