JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.162.3

209.50.162.3 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.162.3

Whois 209.50.162.3

IP Abuse Reports for 209.50.162.3:

This IP address has been reported a total of 28 times from 17 distinct sources. 209.50.162.3 was first reported on September 27th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-30 07:25:18 (1 week ago)	IM360 WAF: Suspicious access attempt to WordPress debug.log (CVE-2024-44000) MV:/wp-content/debug.lo ... show more IM360 WAF: Suspicious access attempt to WordPress debug.log (CVE-2024-44000) MV:/wp-content/debug.log show less	Web App Attack
🇺🇸 mnsf	2026-05-28 22:05:59 (1 week ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇫🇷 mrcrassi	2026-05-27 21:56:41 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.wp-config.php.swp UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-05-25 12:15:54 (1 week ago)	[Mon May 25 22:15:53.600110 2026] [security2:error] [pid 124265] [client 209.50.162.3:56367] [client ... show more [Mon May 25 22:15:53.600110 2026] [security2:error] [pid 124265] [client 209.50.162.3:56367] [client 209.50.162.3] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "angleseaarthouse.com.au"] [uri "/wp-config.php~"] [unique_id "ahQ9eeRL5Qcuby3vzuJuMAAAAAA"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-01 23:39:49 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 19:39:45.018281 2026] [security2:error] [pid 26636:tid 26636] [client 209.50.162.3:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.easy-byte.net"] [uri "/.env"] [unique_id "afU5wUPUb9ghXBe3fs1QSgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-04-13 08:32:06 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TRoden	2026-03-31 10:30:08 (2 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 nowyouknow	2026-01-24 14:41:03 (4 months ago)	(From [email protected]) Tired of low-quality traffic? Join GTC and start getting 100% targeted, ... show more (From [email protected]) Tired of low-quality traffic? Join GTC and start getting 100% targeted, real visitors who are actively searching for your offer. Boost your conversions and grow your business the smart way. Click to Join & Get Targeted Clicks Today! ----> https://morewebtraffic.online/ show less	Phishing Web Spam
🇷🇺 DZBOT	2026-01-21 09:54:58 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:07 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 botreporter	2025-11-28 11:26:36 (6 months ago)	botnet ignoring robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 08:38:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:37:26.810493 2025] [security2:error] [pid 6519:tid 6519] [client 209.50.162.3:10571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.greetingcardspersonalized.com"] [uri "/.svn/wc.db"] [unique_id "aSQZRo_y7DQIJ6S3gT1CbwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:19:41.140549 2025] [security2:error] [pid 3498:tid 3498] [client 209.50.162.3:56717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jmarkcapital.com"] [uri "/.git/HEAD"] [unique_id "aSQHDWIjbumqkjOj1xayuQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:08:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.162.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:08:13.491982 2025] [security2:error] [pid 3386950:tid 3386950] [client 209.50.162.3:46661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.15tobefit.com"] [uri "/.svn/wc.db"] [unique_id "aSP2TQL0quOWkxhCXTaTFAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 165.165.122.12

🇳🇱 81.19.216.110

🇱🇹 77.90.185.46

🇸🇬 45.78.235.96

🇰🇪 41.215.125.250

🇧🇪 34.76.58.207

🇺🇸 192.178.112.146

🇨🇴 181.78.79.236

🇷🇺 176.120.22.113

🇮🇩 103.117.56.152

🇮🇩 36.95.194.52

🇦🇪 20.203.42.204

🇺🇸 209.141.47.217

🇬🇧 193.176.29.3

🇺🇸 104.152.52.225

🇮🇩 103.148.45.95

🇷🇺 85.26.228.68

🇺🇸 69.164.217.74

🇧🇷 35.247.225.93

🇧🇷 35.199.99.143