JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.191.48

209.50.191.48 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.191.48

Whois 209.50.191.48

IP Abuse Reports for 209.50.191.48:

This IP address has been reported a total of 13 times from 7 distinct sources. 209.50.191.48 was first reported on October 7th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:54:18 (3 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 05:09:04 (6 days ago)	Web App Attack	Web App Attack
Anonymous	2026-01-05 20:08:04 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2026-01-02 12:05:06 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 SCHAPPY	2026-01-02 08:29:44 (5 months ago)	Wordpress attack using blacklisted username detected.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:28:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:28:28.714164 2025] [security2:error] [pid 12914:tid 12914] [client 209.50.191.48:54551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.balivisaservice.bellabokoremas.com"] [uri "/.env"] [unique_id "aSVanDG3biiUncflPQ66OwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:45:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:45:19.239696 2025] [security2:error] [pid 243930:tid 243984] [client 209.50.191.48:26367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ingeconsultcr.com.bbpuertadelsol.com"] [uri "/.git/HEAD"] [unique_id "aSQpLyGfGLJwz49-AzKTHAAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:28:00 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:54.322843 2025] [security2:error] [pid 29169:tid 29169] [client 209.50.191.48:29321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.briannalls.com"] [uri "/.git/HEAD"] [unique_id "aSQlGnTAsS4nYnqX65jUtwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:42 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:33.931683 2025] [security2:error] [pid 25107:tid 25189] [client 209.50.191.48:51621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.idwic.com"] [uri "/.env"] [unique_id "aSQNWXwP-7kPfeYpiM7P6AAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:26:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:25:47.535097 2025] [security2:error] [pid 9771:tid 9771] [client 209.50.191.48:49841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "radio.bluegrassexpressband.com"] [uri "/.env"] [unique_id "aSQIew8J2_9-TSkdVUW1cgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:47:44 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:47:37.871304 2025] [security2:error] [pid 10228:tid 10228] [client 209.50.191.48:30221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.edlee.biz"] [uri "/.git/HEAD"] [unique_id "aSPjab44QyLt6rZgzP6IGgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ISPLtd	2025-10-18 21:48:18 (8 months ago)	Oct 18 15:48:17 209.50.191.48 TCP SPT=15757 DPT=22 SYN ...	Port Scan SSH
🇩🇪 Packets-Decreaser.NET	2025-10-07 17:14:01 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 2a01:9700:42f1:f801:f458:1208:1ef1:34b0

🇭🇺 195.199.210.194

🇬🇾 190.80.24.240

🇬🇧 185.247.137.92

🇻🇳 116.99.168.247

🇭🇰 116.48.143.166

🇺🇸 98.92.51.115

🇫🇷 88.190.132.168

🇰🇿 86.107.199.93

🇪🇸 79.117.228.23

🇺🇸 20.80.105.86

🇬🇧 2a06:4880:c000::e9

🇦🇷 200.105.105.50

🇬🇧 195.206.182.199

🇬🇹 190.14.143.251

🇮🇳 182.78.240.94

🇩🇪 139.19.117.197

🇨🇳 117.149.196.213

🇻🇳 113.164.66.10

🇨🇳 111.52.249.29