JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.162.1

209.50.162.1 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.162.1

Whois 209.50.162.1

IP Abuse Reports for 209.50.162.1:

This IP address has been reported a total of 31 times from 19 distinct sources. 209.50.162.1 was first reported on September 28th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Antinson	2026-06-01 09:05:56 (5 days ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇫🇷 pm33	2026-05-29 02:58:39 (1 week ago)	Wordpress login attempts	Brute-Force
🇫🇷 pm33	2026-05-25 23:06:06 (1 week ago)	Wordpress login attempts	Brute-Force
🇩🇪 LRob.fr	2026-05-23 09:15:09 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-28 02:09:55 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:09:52.139144 2025] [security2:error] [pid 25534:tid 25534] [client 209.50.162.1:30617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title6.com"] [uri "/.svn/wc.db"] [unique_id "aVCRcNOdFs88AYnieHIOKAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:30:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:30:33.629477 2025] [security2:error] [pid 18302:tid 18302] [client 209.50.162.1:11517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nancybarrera.com"] [uri "/.git/HEAD"] [unique_id "aVBeCQ_DaCdqNr4OgF1LkgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:59:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:59:20.288836 2025] [security2:error] [pid 538279:tid 538293] [client 209.50.162.1:46563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rawsynergy.com"] [uri "/.env"] [unique_id "aVBIqGctF9FToy1454eyowAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-27 20:53:18 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2025-12-26 11:11:02 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 OceanTreasure	2025-12-26 08:45:14 (5 months ago)	tcp/80; SVN repository metadata exposure attempt: "GET /.svn/wc.db" @ 2025-12-26T08:38:31Z [proxy]	Web App Attack
🇪🇸 el-brujo	2025-12-26 06:12:05 (5 months ago)	26/Dec/2025:07:12:05.004005 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more 26/Dec/2025:07:12:05.004005 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 209.50.162.1] ModSecurity: Warning. Matched phrase ".aws/credentials" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: .aws/credentials found within REQUEST_FILENAME: /.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "parrot.elhacker.net"] [uri "/.aws/credentials"] [unique_id "aU4nNchglLxNekpT-VPgHgAAAyY"] ... show less	Hacking Web App Attack
Anonymous	2025-12-11 01:48:28 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 10:09:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:09:46.587829 2025] [security2:error] [pid 11419:tid 11419] [client 209.50.162.1:17533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.title-26.com"] [uri "/.svn/wc.db"] [unique_id "aSbR6pc_q1PL1KZaqg9cCAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:07:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:07:35.120224 2025] [security2:error] [pid 21703:tid 21703] [client 209.50.162.1:29865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lesdwiniarczyk.com"] [uri "/.svn/wc.db"] [unique_id "aSTzR7TDqEKZJQtiY3ECYgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 184.168.20.180

🇮🇳 172.253.230.148

🇨🇳 116.228.233.93

🇺🇸 65.60.61.173

🇺🇿 62.164.148.87

🇺🇸 23.129.64.210

🇮🇹 2.57.170.164

🇰🇷 121.183.240.55

🇫🇮 89.167.10.218

🇸🇬 74.91.224.229

🇸🇬 45.132.75.45

🇫🇷 45.67.217.113

🇺🇦 37.221.136.181

🇬🇧 198.244.183.69

🇸🇬 194.5.82.7

🇨🇳 183.250.248.29

🇺🇸 147.185.132.37

🇰🇷 121.1.80.17

🇬🇧 54.38.147.207

🇬🇧 54.38.147.6