JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.162.138

209.50.162.138 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.162.138

Whois 209.50.162.138

IP Abuse Reports for 209.50.162.138:

This IP address has been reported a total of 21 times from 10 distinct sources. 209.50.162.138 was first reported on September 26th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 04:22:12 (4 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 00:13:14 (1 week ago)	Web App Attack	Web App Attack
🇵🇱 nfsec.pl	2026-01-22 04:32:26 (5 months ago)	209.50.162.138 - - [22/Jan/2026:04:32:18 +0000] "GET /index.php?option=com_search&searchword=%20atak ... show more 209.50.162.138 - - [22/Jan/2026:04:32:18 +0000] "GET /index.php?option=com_search&searchword=%20atak&searchphrase=exact%27%20WHERE%205563%3D5563%20AND%20CHAR%28108%29%7C%7CCHAR%28102%29%7C%7CCHAR%2898%29%7C%7CCHAR%28101%29%3DREGEXP_SUBSTRING%28REPEAT%28LEFT%28CRYPT_KEY%28CHAR%2865%29%7C%7CCHAR%2869%29%7C%7CCHAR%2883%29%2CNULL%29%2C0%29%2C500000000%29%2CNULL%29--%20QISP&ordering=newest HTTP/1.1" 403 5842 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 209.50.162.138 - - [22/Jan/2026:04:32:20 +0000] "GET /index.php?option=com_search&searchword=%20atak&searchphrase=exact%22%20WHERE%205637%3D5637%20AND%20CHAR%28108%29%7C%7CCHAR%28102%29%7C%7CCHAR%2898%29%7C%7CCHAR%28101%29%3DREGEXP_SUBSTRING%28REPEAT%28LEFT%28CRYPT_KEY%28CHAR%2865%29%7C%7CCHAR%2869%29%7C%7CCHAR%2883%29%2CNULL%29%2C0%29%2C500000000%29%2CNULL%29--%20RPtw&ordering=newest HTTP/1.1" 403 5842 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 ... show less	Exploited Host Web App Attack
🇮🇹 VHosting	2025-12-23 22:35:19 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-09 08:06:18 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-12-03 09:00:16 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:30.581222 2025] [security2:error] [pid 20980:tid 20980] [client 209.50.162.138:34755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pennygillespie.com"] [uri "/.git/HEAD"] [unique_id "aSQHPoVWAnqGgC7T75sz_wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:13:51 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:13:45.694963 2025] [security2:error] [pid 3965261:tid 3965316] [client 209.50.162.138:32923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tbdesigned.com"] [uri "/.env"] [unique_id "aSPpiR7XGNzpCBYjvUv0rAAAAlI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:31:54 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:31:35.223178 2025] [security2:error] [pid 3290048:tid 3290048] [client 209.50.162.138:59957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.montymilburn.com"] [uri "/.git/HEAD"] [unique_id "aSPfpwXbEFJBF50wLuFHdgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:03:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:03:26.660209 2025] [security2:error] [pid 19221:tid 19221] [client 209.50.162.138:9787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.scala-global.com"] [uri "/.git/HEAD"] [unique_id "aSPZDhZS4AApouCv-LdsAwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 20:53:07 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 15:29:38 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:40:15	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-17 14:24:18 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-14 14:36:20 (8 months ago)	GlobalProtect login attempts with user sstory.	VPN IP Brute-Force
🇺🇸 fbarela	2025-10-12 08:01:13 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.145.19

🇩🇪 164.92.161.148

🇧🇩 150.228.135.135

🇷🇺 94.103.3.226

🇮🇹 5.99.196.202

🇺🇸 107.173.223.229

🇸🇬 103.250.11.63

🇸🇬 15.235.198.179

🇺🇸 192.178.115.217

🇲🇽 177.241.33.4

🇵🇭 154.18.197.35

🇺🇸 129.146.117.252

🇨🇳 112.46.212.18

🇫🇷 64.204.13.214

🇯🇵 43.165.167.69

🇰🇷 1.214.214.114

🇩🇪 193.124.20.245

🇫🇷 159.26.112.108

🇮🇳 157.50.145.55

🇻🇳 101.99.14.34