JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.185.48

209.50.185.48 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.185.48

Whois 209.50.185.48

IP Abuse Reports for 209.50.185.48:

This IP address has been reported a total of 14 times from 7 distinct sources. 209.50.185.48 was first reported on October 29th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-04-11 06:09:07 (1 month ago)	Form spam	Web Spam
🇫🇮 000rosiu	2026-02-11 17:07:07 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /admin/.git/config Timestamp: 2026-02-11T17:03:13Z Ray ID: 9cc56b1dfdf623d4 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇿 FaB Property Group	2026-02-10 11:45:58 (3 months ago)	Requested file: .aws/credentials	Web App Attack
Anonymous	2026-02-10 04:31:17 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 02:58:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:58:21.684297 2026] [security2:error] [pid 29828:tid 29828] [client 209.50.185.48:27567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingmansvc.com"] [uri "/.env.local"] [unique_id "aYqezb1oL-aB9K2py5qyeQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:04:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:04:09.498049 2026] [security2:error] [pid 2134542:tid 2134542] [client 209.50.185.48:29799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kentsavagelaw.com"] [uri "/.env"] [unique_id "aYp1-Zf9CZPEdPBFpioY3wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:37:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:36:54.421867 2026] [security2:error] [pid 10915:tid 10915] [client 209.50.185.48:36935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshr.com"] [uri "/.env.staging"] [unique_id "aYpvlmRzbWwd87pRz2nEWAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:32:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:31:58.306766 2026] [security2:error] [pid 16149:tid 16149] [client 209.50.185.48:34379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honeybeeplace.com"] [uri "/.env.production"] [unique_id "aYpEPo0-T2tvZ6cDMfy4ZgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-11-26 04:56:45 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:37:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:37:18.074979 2025] [security2:error] [pid 16806:tid 16806] [client 209.50.185.48:20909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dgroupsa.com"] [uri "/.git/HEAD"] [unique_id "aSUkblBm4GvKYJDCEyqhlgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:42:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:42:14.504567 2025] [security2:error] [pid 32303:tid 32303] [client 209.50.185.48:22361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nifeconsult.com"] [uri "/.env"] [unique_id "aSUXhjB401aYaffVb5b9_wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:09:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:09:24.189721 2025] [security2:error] [pid 19007:tid 19007] [client 209.50.185.48:55749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pastorsform.cmabiblequizzing.org"] [uri "/.git/HEAD"] [unique_id "aSUP1HKgzEL6T-jKOnc1bwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.185.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:19.129507 2025] [security2:error] [pid 19790:tid 19790] [client 209.50.185.48:21417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.eandgenergy.com"] [uri "/.env"] [unique_id "aSUCrznHskljqXg30cHclAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2025-10-29 18:14:03 (7 months ago)		Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.206.90

🇧🇷 190.107.95.230

🇩🇪 176.65.132.149

🇷🇺 170.168.72.153

🇻🇳 160.25.166.88

🇰🇷 112.216.129.27

🇨🇳 101.126.22.12

🇺🇸 100.29.192.44

🇺🇸 66.132.172.198

🇨🇳 116.132.82.182

🇭🇰 45.142.154.98

🇺🇸 43.162.99.8

🇧🇪 34.76.166.144

🇩🇪 176.100.37.241

🇵🇱 143.20.97.223

🇬🇧 2a06:4882:5000::4f

🇮🇪 185.192.16.188

🇨🇳 180.113.220.185

🇺🇸 147.185.132.83

🇨🇳 101.76.248.214