JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.191.249

209.50.191.249 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.191.249

Whois 209.50.191.249

IP Abuse Reports for 209.50.191.249:

This IP address has been reported a total of 18 times from 8 distinct sources. 209.50.191.249 was first reported on October 16th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:06:33 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇫🇮 inlink.ltd	2026-05-29 09:51:36 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:04 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-07 12:20:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:20:41.589588 2025] [security2:error] [pid 24107:tid 24115] [client 209.50.191.249:41989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ayubhamdardfoundation.org"] [uri "/.git/HEAD"] [unique_id "aTVxGUDdrBlkEJFPk6XGCwAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-07 04:54:37 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/HEAD (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/HEAD] show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-06 23:01:51 (6 months ago)	Auto-ban: >3000 req/min op 2025-12-06	Hacking Web App Attack SSH
🇵🇱 sefinek.net	2025-12-06 16:02:24 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-05 10:41:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:41:33.941274 2025] [security2:error] [pid 26445:tid 26445] [client 209.50.191.249:14333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rokket.com"] [uri "/.env"] [unique_id "aTK23e9b_jesCwvXzVaozAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:28:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:28:02.805371 2025] [security2:error] [pid 22277:tid 22277] [client 209.50.191.249:24865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorndikestudio.com"] [uri "/.svn/wc.db"] [unique_id "aTJfUpDVMh25cNM2Y2vPRwAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:49:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:49:00.852388 2025] [security2:error] [pid 20702:tid 20702] [client 209.50.191.249:57067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caribbeantracking.com"] [uri "/.env"] [unique_id "aTIr_P70myiNjEFHi9QXKgAAADY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:10:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:10:18.679421 2025] [security2:error] [pid 24465:tid 24465] [client 209.50.191.249:52243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giantfern.com"] [uri "/.svn/wc.db"] [unique_id "aS9jymmsD1kRQr4FFF9p7wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:18:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:18:14.843047 2025] [security2:error] [pid 10880:tid 10880] [client 209.50.191.249:30687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rooksfamily.com"] [uri "/.svn/wc.db"] [unique_id "aS8DNpWcpVTLwk1uk_P_ZwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:27:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:27:32.438650 2025] [security2:error] [pid 20387:tid 20387] [client 209.50.191.249:20677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "parkplacemotel.com"] [uri "/.svn/wc.db"] [unique_id "aS6i9MvOthF8RsVFEgZKBgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:25:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:25:11.776949 2025] [security2:error] [pid 1817000:tid 1817014] [client 209.50.191.249:15925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ahmedabdelsattar.newtrendmag.org"] [uri "/.git/HEAD"] [unique_id "aSVLx5iXM9qjzOaPIgRSWAAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:00.118196 2025] [security2:error] [pid 8977:tid 8977] [client 209.50.191.249:14803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jpwatters.net"] [uri "/.svn/wc.db"] [unique_id "aSUroDVjahIdA_xCS5cThgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 43.156.61.33

🇺🇸 23.95.129.26

🇧🇷 2a09:bac5:dcf:3cd::61:139

🇰🇷 222.108.100.117

🇨🇳 218.62.15.102

🇬🇧 213.249.198.162

🇺🇸 156.232.13.161

🇷🇴 151.242.30.224

🇫🇷 91.196.152.222

🇧🇷 179.228.54.137

🇺🇸 147.185.132.242

🇳🇱 89.21.67.162

🇷🇺 80.70.96.149

🇮🇳 2409:40f2:1183:79ca:a5f4:4014:e503:f6a8

🇧🇷 177.10.203.106

🇮🇹 158.173.77.239

🇮🇹 158.173.77.37

🇰🇷 112.219.151.50

🇨🇳 60.174.39.82

🇬🇧 35.203.211.51