JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.185

209.50.163.185 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.185

Whois 209.50.163.185

IP Abuse Reports for 209.50.163.185:

This IP address has been reported a total of 40 times from 17 distinct sources. 209.50.163.185 was first reported on September 27th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 HJ5Ss4Ju	2026-06-20 10:10:47 (17 hours ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇩🇪 4server	2026-06-19 07:05:10 (1 day ago)	[FriJun1909:05:03.4876722026][security2:error][pid1950802:tid1950835][client209.50.163.185:0]ModSecu ... show more [FriJun1909:05:03.4876722026][security2:error][pid1950802:tid1950835][client209.50.163.185:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.chesasilva.ch\"][uri\"/wp-login.php\"][unique_id\"ajTqH2bNIjpUHstbTS8VBQAAABU\"]\,referer:https://mail.chesasilva.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇺🇸 cyfordtechnologies.com	2026-03-23 16:38:32 (2 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:37:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:18.044656 2026] [security2:error] [pid 15417:tid 15417] [client 209.50.163.185:12353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/admin/.git/config"] [unique_id "aZaFbuhXxd9PcZwAiJylBwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:01:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:01:12.379188 2026] [security2:error] [pid 11500:tid 11500] [client 209.50.163.185:40203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedysplace.com"] [uri "/api/.env"] [unique_id "aZZ8-F6AblvzMx3daAUnDAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 20:08:54 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:51:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:51:12.511237 2026] [security2:error] [pid 2136:tid 2136] [client 209.50.163.185:36997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "threewillowsfarm.com"] [uri "/backup/.git/config"] [unique_id "aZYKII-BkwW5wKZb6v2EuQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Bensay	2026-02-18 17:28:35 (4 months ago)	[Wed Feb 18 18:28:25.754517 2026] [authz_core:error] [pid 2597112:tid 2597186] [client 209.50.163.18 ... show more [Wed Feb 18 18:28:25.754517 2026] [authz_core:error] [pid 2597112:tid 2597186] [client 209.50.163.185:37877] AH01630: client denied by server configuration: /var/www/empty/config [Wed Feb 18 18:28:35.232784 2026] [authz_core:error] [pid 2597112:tid 2597191] [client 209.50.163.185:37877] AH01630: client denied by server configuration: /var/www/empty/dev ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:49:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:49:49.403536 2026] [security2:error] [pid 6240:tid 6240] [client 209.50.163.185:57253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wendykim.com"] [uri "/admin/.env"] [unique_id "aZW1bWyrFN6BvojihvkkLAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-02-01 04:55:29 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:12 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇵🇱 sefinek.net	2025-12-28 02:08:18 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇱🇻 garmtech.com	2025-12-07 00:01:13 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-01.209.50.163.185.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-01.209.50.163.185.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:02:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:02:47.014015 2025] [security2:error] [pid 27023:tid 27023] [client 209.50.163.185:31981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admiralpointe.com"] [uri "/.git/HEAD"] [unique_id "aSigV4yTSNukH5BLfboyLwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 09:17:51 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:18ff:50::

🇨🇳 182.43.164.191

🇺🇸 162.216.149.124

🇳🇱 159.223.218.15

🇨🇳 115.190.52.176

🇬🇭 102.223.92.101

🇳🇱 45.156.87.93

🇺🇸 44.109.77.97

🇳🇱 34.32.217.126

🇶🇦 20.173.116.24

🇺🇸 20.168.122.61

🇨🇳 8.148.232.140

🇲🇽 187.188.62.66

🇺🇸 162.216.149.119

🇨🇳 123.160.232.72

🇮🇳 103.101.59.241

🇺🇸 100.29.192.75

🇳🇱 91.92.40.29

🇺🇸 44.214.44.91

🇮🇳 103.140.142.146