JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.186.96

209.50.186.96 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.186.96

Whois 209.50.186.96

IP Abuse Reports for 209.50.186.96:

This IP address has been reported a total of 18 times from 7 distinct sources. 209.50.186.96 was first reported on November 2nd 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 03:39:00 (5 days ago)	dot file probe	Web App Attack
🇮🇩 securejdprop	2026-04-26 19:25:23 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 62). Ip 209.50.186.96 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-26 19:25:22.245150606 +0000 UTC show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:00:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:00:39.386081 2025] [security2:error] [pid 1609:tid 1609] [client 209.50.186.96:44485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cbrtestsite.com"] [uri "/.svn/wc.db"] [unique_id "aSbd15kFVb60ptJYxXM53wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:44:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:47.438138 2025] [security2:error] [pid 27445:tid 27445] [client 209.50.186.96:9165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.beyondleanbook.com"] [uri "/.git/HEAD"] [unique_id "aSah3yLfCwX6QlFC5Xg4eAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:54:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:54:36.567091 2025] [security2:error] [pid 3659:tid 3659] [client 209.50.186.96:18039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.b9k9.com"] [uri "/.env"] [unique_id "aSaWHPnAcW7CAob12KhrZAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-11-26 02:12:59 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:25:34 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 19:10:20 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:30:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:30:30.834268 2025] [security2:error] [pid 1816810:tid 1816945] [client 209.50.186.96:57713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "legaljob.org.aafm.us"] [uri "/.env"] [unique_id "aSVNBpGZcKt2mCqV6A_SEAAAAkU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:41:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:40:53.814103 2025] [security2:error] [pid 27754:tid 27754] [client 209.50.186.96:60411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hometechllc.com"] [uri "/.env"] [unique_id "aSUzVf-c17gqM6BTWnLkpQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:22:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:21:55.761627 2025] [security2:error] [pid 32193:tid 32193] [client 209.50.186.96:23475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.transformyourpower.com"] [uri "/.env"] [unique_id "aSUSw8sA4xBoroNncw_kbgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:12:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:12:04.531638 2025] [security2:error] [pid 11089:tid 11089] [client 209.50.186.96:26811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.paintriver.com"] [uri "/.svn/wc.db"] [unique_id "aSQhZAxHawb-gKWxrNGxFAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:43:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:07.299486 2025] [security2:error] [pid 20517:tid 20517] [client 209.50.186.96:42919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.holgerfeld.com"] [uri "/.git/HEAD"] [unique_id "aSQam1bluPrFhWhGVgDWwwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:14:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:13:47.156017 2025] [security2:error] [pid 7134:tid 7134] [client 209.50.186.96:43327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.robcruickshank.net"] [uri "/.env"] [unique_id "aSP3m885u9TwsB0SRpxAaQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:55:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.186.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:54:58.580088 2025] [security2:error] [pid 18325:tid 18332] [client 209.50.186.96:46363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.backcountrygardens.com"] [uri "/.svn/wc.db"] [unique_id "aSPzMribCkDUtlE56PA7vgAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 206.237.119.226

🇮🇳 223.233.85.110

🇺🇸 212.56.34.137

🇧🇷 205.210.31.248

🇳🇱 203.159.90.204

🇩🇪 172.71.164.217

🇩🇪 172.71.164.161

🇹🇭 118.193.57.185

🇺🇸 45.79.207.252

🇺🇸 43.135.135.17

🇺🇸 34.235.132.234

🇧🇪 198.235.24.150

🇮🇳 180.214.131.41

🇨🇳 180.153.236.170

🇮🇳 168.144.80.64

🇬🇧 161.35.35.161

🇭🇰 118.193.39.149

🇫🇷 109.176.197.82

🇮🇳 106.51.80.78

🇿🇦 105.233.67.36