JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.189.50

209.50.189.50 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.189.50

Whois 209.50.189.50

IP Abuse Reports for 209.50.189.50:

This IP address has been reported a total of 17 times from 4 distinct sources. 209.50.189.50 was first reported on November 25th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-26 22:30:10 (2 days ago)		Brute-Force Web App Attack
🇩🇪 Carsten	2026-06-02 23:07:14 (3 weeks ago)	Bad web bot [Mozilla/5.0 (compatible; bulk-validator/1.0)]	Bad Web Bot
🇱🇻 garmtech.com	2026-03-09 02:38:57 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:25:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:24:55.340892 2025] [security2:error] [pid 4160:tid 4160] [client 209.50.189.50:41949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.crescentcitycafe.org"] [uri "/.env"] [unique_id "aSVZx6BWGSmY_euxWzT4PwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:58:56 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:58:50.244829 2025] [security2:error] [pid 20000:tid 20000] [client 209.50.189.50:25363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.joe.hatfulofrain.com"] [uri "/.svn/wc.db"] [unique_id "aSVTqjVWyxbUSRtur05vmQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:38:17 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:38:13.304877 2025] [security2:error] [pid 19127:tid 19127] [client 209.50.189.50:49175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.weathercarib.net"] [uri "/.svn/wc.db"] [unique_id "aSVO1fB7rPiHQuV3mk_kVwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:18:06 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:18:00.994981 2025] [security2:error] [pid 20818:tid 20818] [client 209.50.189.50:35079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.sealcoatnj.com"] [uri "/.env"] [unique_id "aSVKGLvbt1SgrBX7sm1xKQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:24:53 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:24:47.393356 2025] [security2:error] [pid 2133:tid 2133] [client 209.50.189.50:22647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.manosentuayuda.org"] [uri "/.svn/wc.db"] [unique_id "aSU9n_Hx7A5elgkCJWrM-QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:04:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:04:12.336628 2025] [security2:error] [pid 23704:tid 23704] [client 209.50.189.50:43093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dceabronwilliams.com"] [uri "/.svn/wc.db"] [unique_id "aSU4zEbkTeGW2tAtJVMqmwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:34:29 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:34:24.360370 2025] [security2:error] [pid 30595:tid 30595] [client 209.50.189.50:26585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compound.modelengines.info"] [uri "/.env"] [unique_id "aSUx0Pg8YjQIqTydiTLv5QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:11:46 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:11:42.869791 2025] [security2:error] [pid 24985:tid 24985] [client 209.50.189.50:32013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kqdemo.homehealth101.com"] [uri "/.svn/wc.db"] [unique_id "aSUsfle6oMi9TiZ2v61GjQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:37:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:37:31.241177 2025] [security2:error] [pid 2114:tid 2114] [client 209.50.189.50:28311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.t1apparel.liddlesports.com"] [uri "/.env"] [unique_id "aSUke7vCEQRGKjfhTeGZBQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:22:28 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:22:23.917820 2025] [security2:error] [pid 17022:tid 17047] [client 209.50.189.50:32747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.chilltech.info"] [uri "/.env"] [unique_id "aSUg72e42NY3FNbGoYCC8gAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:11.732419 2025] [security2:error] [pid 30035:tid 30035] [client 209.50.189.50:36509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.agrizel.com"] [uri "/.git/HEAD"] [unique_id "aSUU74-OQyRUmiiJg5CSsAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:17:40 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.189.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:17:34.737980 2025] [security2:error] [pid 573:tid 573] [client 209.50.189.50:48861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ideaofauniversity.website"] [uri "/.svn/wc.db"] [unique_id "aSUDrs3YueH61O7kldcHqwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.51

🇧🇷 189.69.17.58

🇧🇷 177.71.78.6

🇺🇸 147.185.132.87

🇮🇳 135.13.28.35

🇻🇳 115.78.9.138

🇨🇦 85.217.149.34

🇬🇧 35.203.210.153

🇨🇭 209.99.184.143

🇲🇽 187.189.166.176

🇦🇷 181.25.212.56

🇺🇸 136.113.3.151

🇺🇸 92.205.34.86

🇺🇸 75.88.182.186

🇺🇸 66.132.224.90

🇸🇬 47.84.139.198

🇺🇸 34.181.148.154

🇭🇰 34.92.92.113

🇸🇬 34.21.248.104

🇦🇺 203.185.198.246