JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.189.32

209.50.189.32 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.189.32

Whois 209.50.189.32

IP Abuse Reports for 209.50.189.32:

This IP address has been reported a total of 19 times from 10 distinct sources. 209.50.189.32 was first reported on November 10th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-12 22:02:04 (4 days ago)	Wordfence waf block on decarcerationnation	Web App Attack
🇲🇹 Malta	2026-06-12 08:44:42 (4 days ago)	209.50.189.32 - - [12/Jun/2026:10:44:42 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 209.50.189.32 - - [12/Jun/2026:10:44:42 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇫🇷 pm33	2026-06-11 23:51:28 (5 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-02 02:32:08 (2 weeks ago)	(y4) Failed scan -byebye- from 209.50.189.32 (FR/France/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-05-31 10:33:46 (2 weeks ago)	(y4) Failed scan -byebye- from 209.50.189.32 (FR/France/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-05-31 07:32:46 (2 weeks ago)	Brute-force general attack.	Brute-Force
Anonymous	2026-02-17 20:46:44 (3 months ago)	Failed Wordpress login	Hacking Brute-Force Web App Attack
🇮🇹 VHosting	2025-12-23 16:45:23 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇧🇪 madeit	2025-11-30 04:35:27 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:03:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:03:04.455541 2025] [security2:error] [pid 20716:tid 20716] [client 209.50.189.32:39983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thewarmachineguns.com"] [uri "/.env"] [unique_id "aSaYGJ1I0AzSZqqO_fmcvAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:02:49 (6 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:55:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:55:28.696168 2025] [security2:error] [pid 4036:tid 4036] [client 209.50.189.32:47755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.garmeltech.com"] [uri "/.git/HEAD"] [unique_id "aST-gDJhBC9nXqNEH05uqwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:15:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:27.950350 2025] [security2:error] [pid 11158:tid 11158] [client 209.50.189.32:36659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.joshuarawlings.com"] [uri "/.git/HEAD"] [unique_id "aSQUH9EHiJq_b6xA4bB6egAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:43.020685 2025] [security2:error] [pid 28999:tid 29002] [client 209.50.189.32:41037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.duplexgoldmine.com"] [uri "/.git/HEAD"] [unique_id "aSQNYxHUG1yMWqoCx_D1vAAAAIA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:13:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:12:56.161131 2025] [security2:error] [pid 13942:tid 14018] [client 209.50.189.32:36479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.cookmanufacturinggroup.com"] [uri "/.env"] [unique_id "aSQFeA9TCbHXOd9uq_eX1wAAAcs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 190.223.60.209

🇭🇰 152.32.135.217

🇺🇸 147.185.132.222

🇨🇱 136.248.242.166

🇰🇷 120.29.140.140

🇵🇱 92.113.115.122

🇺🇸 65.49.1.153

🇮🇩 36.78.102.67

🇺🇸 35.255.164.39

🇺🇸 2001:470:1:fb5::1ed

🇩🇪 172.94.95.12

🇪🇬 156.197.162.150

🇮🇳 122.185.178.134

🇨🇦 104.239.35.55

🇺🇸 104.131.177.75

🇳🇱 91.92.40.6

🇭🇰 47.86.166.68

🇵🇸 46.43.79.158

🇺🇸 216.73.216.189

🇨🇴 206.62.136.130