JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.187.145

209.50.187.145 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.187.145

Whois 209.50.187.145

IP Abuse Reports for 209.50.187.145:

This IP address has been reported a total of 17 times from 10 distinct sources. 209.50.187.145 was first reported on October 1st 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇮 administrator	2026-06-02 22:16:25 (4 days ago)	2026-06-02 00:08:42,490 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 209.50.187.145 2 ... show more 2026-06-02 00:08:42,490 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 209.50.187.145 2026-06-02 00:08:42,490 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 209.50.187.145 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-05-31 20:51:51 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-51.209.50.187.145.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-51.209.50.187.145.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-21 19:43:42 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:22-43.209.50.187.145	Web App Attack
🇦🇺 oncord	2026-05-21 05:13:38 (2 weeks ago)	Form spam	Web Spam
🇸🇮 administrator	2026-05-04 16:24:12 (1 month ago)	2026-04-11 19:38:06,529 fail2ban.actions [953175]: NOTICE [ninjafirewall] Ban 209.50.187.145 ... show more 2026-04-11 19:38:06,529 fail2ban.actions [953175]: NOTICE [ninjafirewall] Ban 209.50.187.145 2026-04-15 21:41:20,608 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 2026-04-16 04:31:55,690 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇸🇮 administrator	2026-04-16 16:39:02 (1 month ago)	2026-04-15 21:41:20,608 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 2 ... show more 2026-04-15 21:41:20,608 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 2026-04-16 04:31:55,690 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 2026-04-16 18:39:00,375 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 209.50.187.145 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-03-07 16:20:52 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-20.209.50.187.145.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-20.209.50.187.145.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 mnsf	2026-02-13 07:05:38 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:09:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:09:23.726924 2026] [security2:error] [pid 18622:tid 18622] [client 209.50.187.145:49535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgetownca.com"] [uri "/frontend/.env"] [unique_id "aYqhY9OftaePZFuHrOeTFgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-09 21:56:32 (3 months ago)	209.50.187.145 - - [09/Feb/2026:21:56:16 +0000] "GET /api/.git/config HTTP/1.1" 302 3410 "-" "Mozill ... show more 209.50.187.145 - - [09/Feb/2026:21:56:16 +0000] "GET /api/.git/config HTTP/1.1" 302 3410 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:58:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:58:23.663913 2026] [security2:error] [pid 27582:tid 27582] [client 209.50.187.145:24195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingworkingcapital.com"] [uri "/backup/.git/config"] [unique_id "aYnZ74BU0UWqlU_c9JVcLAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 08:23:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 03:23:15.674537 2026] [security2:error] [pid 29570:tid 29570] [client 209.50.187.145:25451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/admin/.env"] [unique_id "aYmZc_Fo02If3Pi5dWIFZQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC Blue Team	2026-01-16 17:48:39 (4 months ago)	Tatic: TA0006 \| Technique: T1110 \| Source: TAP \| Country Destination: BR	Brute-Force
🇺🇸 TPI-Abuse	2026-01-14 20:45:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.187.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 15:45:14.323028 2026] [security2:error] [pid 32621:tid 32621] [client 209.50.187.145:25887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comunicacion.com"] [uri "/.svn/wc.db"] [unique_id "aWgAWtApAopvUXtLYqsglAAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 18:47:32 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/13 12:43:44	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 194.50.16.73

🇬🇧 188.240.59.44

🇺🇸 107.170.65.169

🇬🇧 87.236.176.34

🇨🇳 61.182.2.26

🇩🇪 194.36.25.19

🇲🇽 187.190.35.163

🇺🇸 180.178.57.82

🇺🇸 172.174.5.146

🇯🇵 168.110.52.228

🇷🇺 94.29.124.154

🇺🇸 76.139.71.98

🇺🇸 216.25.89.104

🇲🇺 197.227.14.33

🇨🇳 117.132.5.139

🇸🇬 103.187.147.165

🇬🇧 87.236.176.5

🇺🇸 40.112.183.29

🇩🇪 195.248.243.247

🇬🇧 188.240.59.56