JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.188.140

209.50.188.140 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.188.140

Whois 209.50.188.140

IP Abuse Reports for 209.50.188.140:

This IP address has been reported a total of 16 times from 11 distinct sources. 209.50.188.140 was first reported on January 20th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-24 03:29:22 (1 day ago)	RDWeb scan	Web App Attack
🇬🇧 spamverify.com	2026-06-03 15:18:11 (3 weeks ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-05-31 09:22:56 (3 weeks ago)	(y4) Failed scan -byebye- from 209.50.188.140 (CA/Canada/-): (CF_ENABLE)	Hacking
🇲🇽 octageeks.com	2026-05-24 04:13:05 (1 month ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 13:46:03 (1 month ago)	Wordfence waf block on parsol	Web App Attack
🇦🇺 nzhost.co.nz	2026-02-19 12:51:56 (4 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-19 05:43:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:43:50.673973 2026] [security2:error] [pid 5938:tid 5938] [client 209.50.188.140:19643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kulprid.com"] [uri "/backup/.git/config"] [unique_id "aZajFsr8t1sFXhQQevI0qgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:29:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:29:01.628609 2026] [security2:error] [pid 6656:tid 6717] [client 209.50.188.140:60025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/.env.production"] [unique_id "aZZnXXn1w6YImX3YkyQ7tQAAAVg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-19 01:05:38 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇬🇧 MrTumnus	2026-02-18 19:34:55 (4 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:17:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:17:27.250443 2026] [security2:error] [pid 32254:tid 32254] [client 209.50.188.140:43019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title34.com"] [uri "/api/.env"] [unique_id "aZYQR1Vkpnt7vcLE7ciUbwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:47:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:47:19.993713 2026] [security2:error] [pid 21188:tid 21188] [client 209.50.188.140:13643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thongtracker.com"] [uri "/.env.save"] [unique_id "aZYJN8ZzXQiG69sFcDLiBAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 17:26:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 12:26:20.303617 2026] [security2:error] [pid 12253:tid 12253] [client 209.50.188.140:13531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zmgmt.com"] [uri "/admin/.env"] [unique_id "aZX2PCit4TCLqJg0d7r5OwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:01:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.188.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:01:24.009168 2026] [security2:error] [pid 19228:tid 19228] [client 209.50.188.140:55721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wastetrack.io"] [uri "/backup/.git/config"] [unique_id "aZWqFD5mfEUhjInqp9DkVQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 brantknudson.org	2026-01-20 23:27:45 (5 months ago)	Request path 'GET /.svn/wc.db HTTP/1.1'	Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.51

🇪🇸 172.253.2.218

🇺🇸 91.230.168.171

🇳🇱 91.92.40.12

🇩🇪 89.163.206.178

🇮🇩 69.5.7.218

🇺🇸 67.53.112.182

🇹🇼 61.224.241.223

🇩🇪 43.228.157.155

🇨🇳 218.13.26.42

🇩🇪 193.174.89.19

🇸🇬 185.200.116.80

🇺🇸 170.254.179.96

🇷🇺 109.107.180.140

🇺🇸 109.105.209.17

🇫🇷 91.231.89.117

🇫🇷 82.65.140.218

🇱🇹 45.227.254.170

🇧🇾 37.214.20.224

🇬🇧 5.71.231.121