JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.186.117

209.50.186.117 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.186.117

Whois 209.50.186.117

IP Abuse Reports for 209.50.186.117:

This IP address has been reported a total of 16 times from 12 distinct sources. 209.50.186.117 was first reported on November 13th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-22 03:23:41 (9 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.186.117 - - [22/Jun/2026:04:23:37 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.186.117 - - [22/Jun/2026:04:23:37 +0100] POST /wp-login.php HTTP/1.1 301 3465 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0 show less	Web App Attack
🇲🇹 Malta	2026-06-22 03:12:13 (9 hours ago)	209.50.186.117 - - [22/Jun/2026:05:12:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 209.50.186.117 - - [22/Jun/2026:05:12:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Hacking Web App Attack
🇫🇷 Sklurk	2026-06-20 04:49:49 (2 days ago)	Web App Attack	Web App Attack
🇫🇷 ELYAZ	2026-06-19 14:28:07 (2 days ago)	(y4) Failed scan -byebye- from 209.50.186.117 (IT/Italy/-): (CF_ENABLE)	Hacking
🇫🇷 tecnicorioja	2026-06-03 22:01:42 (2 weeks ago)	wp-login attack [03/Jun/2026:16:54:12	Brute-Force Web App Attack
🇲🇹 Malta	2026-05-29 16:05:36 (3 weeks ago)	209.50.186.117 - - [29/May/2026:18:05:36 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 209.50.186.117 - - [29/May/2026:18:05:36 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0" show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-05-27 04:37:02 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
Anonymous	2026-05-26 08:33:02 (3 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=kostaspriftis.gr; logs=/var/log/httpd/domains/kostaspri ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=kostaspriftis.gr; logs=/var/log/httpd/domains/kostaspriftis.gr.log; samples=site_wide=true \| distinct_ips=44 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 Mundo Bueno	2026-05-26 06:08:47 (3 weeks ago)	[ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users \| Pays: DE \| UA: Mozilla/5.0 (X11; ... show more [ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users \| Pays: DE \| UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safa show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 21:55:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 16:55:09.003545 2025] [security2:error] [pid 9075:tid 9075] [client 209.50.186.117:52309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "envirotreecare.com"] [uri "/.git/HEAD"] [unique_id "aVGnPYPw2BeXGSU563agHQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 09:12:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 04:12:03.277997 2025] [security2:error] [pid 14426:tid 14426] [client 209.50.186.117:21113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caregiversreprieve.com"] [uri "/.env"] [unique_id "aVD0Y5fWJGS3EoAhjB-_PAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-27 16:25:11 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇵🇱 Roper123	2025-12-27 13:35:03 (5 months ago)	Web app attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:32:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:32:39.480273 2025] [security2:error] [pid 4646:tid 4646] [client 209.50.186.117:51981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gatheringsattheschool.com"] [uri "/.env"] [unique_id "aS9M50l8PwrTW7xPwzqR_wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:01:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:01:23.363623 2025] [security2:error] [pid 28368:tid 28368] [client 209.50.186.117:59839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbernsteinpc.com"] [uri "/.git/HEAD"] [unique_id "aS7jI0yqe8spnytlzOLG8QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 61.37.150.6

🇮🇷 5.53.39.6

🇭🇰 2404:6800:4005:c03::12b

🇨🇳 118.89.111.59

🇨🇦 66.179.10.139

🇫🇷 51.159.179.198

🇺🇸 34.19.127.193

🇺🇸 8.34.210.42

🇷🇴 2.57.121.25

🇺🇸 195.184.76.119

🇮🇳 185.100.212.141

🇺🇸 172.253.221.144

🇨🇳 110.249.202.130

🇨🇭 104.244.74.84

🇮🇩 2001:448a:a071:df9:68f2:67ce:2b82:cfa7

🇰🇷 210.114.1.100

🇯🇵 203.25.124.151

🇷🇴 193.32.162.82

🇸🇬 172.253.84.220

🇵🇰 115.42.75.107