JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.186.48

209.50.186.48 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.186.48

Whois 209.50.186.48

IP Abuse Reports for 209.50.186.48:

This IP address has been reported a total of 16 times from 14 distinct sources. 209.50.186.48 was first reported on October 30th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-24 05:06:43 (2 days ago)	(y4) Failed scan -byebye- from 209.50.186.48 (IT/Italy/-): (CF_ENABLE)	Hacking
🇮🇩 securejdprop	2026-06-22 00:30:29 (5 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 64). Ip 209.50.186.48 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-22 00:30:28.25025587 +0000 UTC show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-30 10:06:04 (3 weeks ago)	Wordfence waf block on fypeducation	Web App Attack
🇱🇻 garmtech.com	2026-05-28 13:20:11 (4 weeks ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
Anonymous	2026-05-28 00:52:45 (4 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
Anonymous	2026-05-27 04:44:58 (4 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=bamhairsalon.gr; logs=/var/log/httpd/domains/bamhairsal ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=bamhairsalon.gr; logs=/var/log/httpd/domains/bamhairsalon.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 oncord	2026-04-03 11:13:26 (2 months ago)	Form spam	Web Spam
Anonymous	2026-02-03 13:21:54 (4 months ago)	wordpress-trap	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-29 15:42:58 (4 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2026-01-05 20:01:07 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-28 16:31:40 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 16:14:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 11:14:01.279234 2025] [security2:error] [pid 20086:tid 20086] [client 209.50.186.48:53095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lazymanvegan.com"] [uri "/.git/HEAD"] [unique_id "aVFXSVT4VlOP58V1Qe1Q5QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:40 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:32.081027 2025] [security2:error] [pid 21044:tid 21044] [client 209.50.186.48:19255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.virttee.com"] [uri "/.env"] [unique_id "aSPa9JlMbhu1V8qvSLGn0wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 01:35:32 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 20:35:28.647538 2025] [security2:error] [pid 11909:tid 11909] [client 209.50.186.48:34903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.qovintheloop.org"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRaHYPOWBpq_nb92NhS_GAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-01 21:08:08 (7 months ago)	[redacted] 209.50.186.48 - - [01/Nov/2025:22:07:55 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "M ... show more [redacted] 209.50.186.48 - - [01/Nov/2025:22:07:55 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0" [redacted] 209.50.186.48 - - [01/Nov/2025:22:07:56 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20" [redacted] 209.50.186.48 - - [01/Nov/2025:22:07:57 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15" [redacted] 209.50.186.48 - - [01/Nov/2025:22:07:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36" [redacted] 209.50.186.48 - - [01/Nov/2025:22:08:01 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macin ... show less	Hacking Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2a01:e35:39f2:81b0:91d5:de8b:db11:56c5

🇭🇰 199.45.155.107

🇸🇪 193.181.18.116

🇮🇳 103.70.197.36

🇺🇸 74.125.217.65

🇮🇳 45.123.217.22

🇲🇽 187.216.224.85

🇺🇸 67.162.9.107

🇳🇱 45.156.128.127

🇧🇪 34.140.109.36

🇧🇴 190.129.122.12

🇷🇺 185.179.190.68

🇳🇱 176.65.139.181

🇧🇷 172.69.11.173

🇻🇪 170.245.34.61

🇺🇸 162.216.149.205

🇪🇸 92.186.142.45

🇭🇰 47.83.135.14

🇧🇷 45.205.1.42

🇺🇸 20.169.104.246