JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.189.110

209.50.189.110 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.189.110

Whois 209.50.189.110

IP Abuse Reports for 209.50.189.110:

This IP address has been reported a total of 20 times from 11 distinct sources. 209.50.189.110 was first reported on November 2nd 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-10 01:52:48 (2 weeks ago)	Web App Attack	Web App Attack
Anonymous	2026-05-08 00:13:05 (1 month ago)	Suspicious WordPress-related activity: 209.50.189.110 - - [08/May/2026:01:13:05 +0100] "GET /wp-jso ... show more Suspicious WordPress-related activity: 209.50.189.110 - - [08/May/2026:01:13:05 +0100] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 200 234 "-" "curl/8.7.1" show less	Hacking Web App Attack
🇩🇪 paissangroup	2026-02-15 12:20:17 (4 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 dynamix	2026-02-15 06:14:12 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:07 (4 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
Anonymous	2026-02-11 04:31:16 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 03:09:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:09:17.459579 2026] [security2:error] [pid 31094:tid 31108] [client 209.50.189.110:59383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madtruckerbill.com"] [uri "/backup/.git/config"] [unique_id "aYqhXe9YRKhmU5Oqp0pHQQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:48:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:48:36.707165 2026] [security2:error] [pid 7004:tid 7004] [client 209.50.189.110:9465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/site/.git/config"] [unique_id "aYpyVEK6JkOlb5oa9eTSFAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:21:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:21:29.457458 2026] [security2:error] [pid 24653:tid 24653] [client 209.50.189.110:24293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotspringstips.com"] [uri "/new/.git/config"] [unique_id "aYpd6SsUWe7lgdLj9itscQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:13:16 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-12-26 01:14:39 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2025-12-07 00:07:18 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇱🇻 garmtech.com	2025-11-26 07:44:24 (7 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:49:06 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:48:59.834029 2025] [security2:error] [pid 13110:tid 13136] [client 209.50.189.110:52279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.coloradocritterpics.com"] [uri "/.git/HEAD"] [unique_id "aSaGuxrugngzcnJ5MqpU1QAAARI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:31:09 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:31:06.759055 2025] [security2:error] [pid 24892:tid 24892] [client 209.50.189.110:21901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wisdomwfm.com"] [uri "/.env"] [unique_id "aSaCioz97nfYzu7i3t92hAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.26.231.36

🇹🇼 198.235.24.75

🇺🇸 147.185.132.111

🇺🇸 144.126.223.138

🇨🇳 124.31.104.8

🇨🇳 123.178.210.195

🇫🇮 89.167.35.166

🇺🇸 74.114.28.211

🇵🇱 57.128.214.238

🇬🇧 35.203.211.56

🇺🇸 208.102.26.110

🇺🇸 205.210.31.85

🇻🇪 200.82.150.17

🇨🇳 183.184.52.91

🇨🇳 183.56.243.176

🇦🇷 181.91.101.5

🇺🇸 165.154.135.161

🇵🇪 161.132.206.148

🇭🇰 154.208.77.106

🇬🇧 144.126.195.1