JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.25

209.50.163.25 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.25

Whois 209.50.163.25

IP Abuse Reports for 209.50.163.25:

This IP address has been reported a total of 27 times from 14 distinct sources. 209.50.163.25 was first reported on September 27th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:09:35 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-22 11:41:15 (1 month ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-04-07 01:46:46 (2 months ago)	Forum/form spam	Web Spam
🇨🇳 ThreatBook.io	2026-03-20 00:28:55 (3 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/209.50.163.25 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/209.50.163.25 2026-03-19 04:37:54 /%23/serviceSync 2026-03-19 04:37:55 /actuator 2026-03-19 04:37:54 /phpinfo.php 2026-03-19 04:37:55 /jeecg-boot/actuator/ show less	Web App Attack
Anonymous	2026-02-10 04:31:29 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 03:07:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:07:27.036372 2026] [security2:error] [pid 989:tid 989] [client 209.50.163.25:50133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i4agency.com"] [uri "/frontend/.env"] [unique_id "aYqg7-ImxASRy8mafbUppQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:31:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:30:58.190064 2026] [security2:error] [pid 17857:tid 17857] [client 209.50.163.25:17347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ketsuri.com"] [uri "/api/.git/config"] [unique_id "aYp8Quif0Jknuw2BST5H6wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:47:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:47:19.262499 2026] [security2:error] [pid 15124:tid 15124] [client 209.50.163.25:38211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houstontenemosunproblema.com"] [uri "/api/.env"] [unique_id "aYpj94vueIJ3L41GWhB5_gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:25:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:25:08.635609 2026] [security2:error] [pid 2412841:tid 2412841] [client 209.50.163.25:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hondabvi.com"] [uri "/frontend/.env"] [unique_id "aYpCpCt92Kzmcs2_lmhJbwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:15 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇨🇳 ThreatBook.io	2026-02-08 23:16:04 (4 months ago)	ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/209.50.163.25 2026-02-08 21:27 ... show more ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/209.50.163.25 2026-02-08 21:27:17 /special/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
Anonymous	2026-02-01 18:22:30 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-16 15:08:05 (5 months ago)	Forum/form spam	Web Spam
🇮🇹 VHosting	2025-12-23 21:15:16 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:55 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 155.103.69.40

🇰🇷 121.155.163.79

🇧🇩 114.130.85.36

🇮🇳 103.93.114.51

🇳🇱 64.225.66.10

🇳🇱 45.148.10.151

🇬🇧 35.203.211.212

🇵🇭 27.110.166.67

🇺🇸 20.168.122.17

🇫🇷 2001:41d0:33d:9200::409

🇺🇸 216.25.89.125

🇺🇿 213.230.93.127

🇵🇹 185.182.21.100

🇳🇱 176.65.148.120

🇹🇼 165.154.227.158

🇨🇩 102.206.241.111

🇭🇰 101.36.121.72

🇺🇸 91.230.168.207

🇱🇻 81.30.98.62

🇩🇪 69.5.169.169