JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.186.50

209.50.186.50 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.186.50

Whois 209.50.186.50

IP Abuse Reports for 209.50.186.50:

This IP address has been reported a total of 18 times from 9 distinct sources. 209.50.186.50 was first reported on September 29th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-21 17:06:55 (17 hours ago)	(y4) Failed scan -byebye- from 209.50.186.50 (IT/Italy/-): (CF_ENABLE)	Hacking
🇱🇻 garmtech.com	2026-03-14 23:50:43 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-01-05 20:27:34 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇳🇱 homeshowdomain.nl	2026-01-02 23:00:47 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-02	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-29 06:14:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:14:51.289190 2025] [security2:error] [pid 2789:tid 2789] [client 209.50.186.50:18367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bethanpearce.com"] [uri "/.svn/wc.db"] [unique_id "aVIcW-eOubCXzVwLJkMQBAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:30:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:30:44.851510 2025] [security2:error] [pid 4568:tid 4586] [client 209.50.186.50:57741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beelineproductions.com"] [uri "/.git/HEAD"] [unique_id "aVH15HvCBCsFcA3iSuEGAwAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 technojoe99	2025-11-27 13:52:40 (6 months ago)	Exploit scan from 209.50.186.50. GET /.aws/credentials HTTP/1.1.	Web App Attack
🇺🇸 OceanTreasure	2025-11-25 18:35:07 (6 months ago)	tcp/443; AWS credentials file access attempt: "GET /.aws/credentials" @ 2025-11-25T18:31:20Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:18:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:18:04.618496 2025] [security2:error] [pid 13895:tid 13911] [client 209.50.186.50:11749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juantrece.com.emehache.net"] [uri "/.svn/wc.db"] [unique_id "aSU8DMqATJ-N2rrGOLaJiQAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:56:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:56:48.397669 2025] [security2:error] [pid 1327:tid 1327] [client 209.50.186.50:18157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.muebleriamac.com"] [uri "/.env"] [unique_id "aSUpAA8an3lDrAh7q_d83gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:27:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:27:26.441146 2025] [security2:error] [pid 728899:tid 728899] [client 209.50.186.50:52897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aholsniffsglue.com"] [uri "/.env"] [unique_id "aSUiHoBajxqbi6oGdtCN6AAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:10:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:09:56.978000 2025] [security2:error] [pid 30585:tid 30585] [client 209.50.186.50:19067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sarahgrammer.com"] [uri "/.git/HEAD"] [unique_id "aSUeBMKv54WljBdVOg9T-wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:52.733893 2025] [security2:error] [pid 25553:tid 25553] [client 209.50.186.50:44483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.centrodentalsindolor.com"] [uri "/.git/HEAD"] [unique_id "aSUOTOVDoYVVQeb3WFWjtwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:34:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:34:34.498755 2025] [security2:error] [pid 16527:tid 16527] [client 209.50.186.50:59963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.genesis-castle.com"] [uri "/.git/HEAD"] [unique_id "aSUHqqlRZn0AVGuUQYVE9AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:58:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:58:15.337099 2025] [security2:error] [pid 30480:tid 30480] [client 209.50.186.50:23195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okeetokee.okeetokee.org"] [uri "/.env"] [unique_id "aST_J-0wWRxj5mBW0gC6tAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.36

🇨🇳 121.228.126.172

🇫🇮 45.154.244.2

🇺🇸 44.195.158.232

🇺🇸 34.199.229.234

🇺🇸 3.223.167.178

🇪🇸 185.121.15.184

🇨🇳 182.138.158.30

🇸🇪 171.25.158.57

🇮🇳 162.216.140.11

🇨🇳 116.255.159.152

🇺🇸 98.84.223.204

🇺🇸 65.49.1.13

🇨🇳 58.209.82.167

🇺🇸 52.73.153.168

🇸🇬 47.84.225.215

🇩🇪 45.3.45.184

🇺🇸 44.220.188.76

🇺🇸 35.231.224.252

🇺🇸 35.175.163.127