JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.4

209.50.163.4 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.4

Whois 209.50.163.4

IP Abuse Reports for 209.50.163.4:

This IP address has been reported a total of 54 times from 22 distinct sources. 209.50.163.4 was first reported on September 26th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 mrcrassi	2026-05-28 23:58:15 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 lostswordfish.com	2026-05-27 13:34:05 (2 weeks ago)	Wordfence waf block on registrymatters	Web App Attack
Anonymous	2026-05-26 08:48:21 (2 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log ... show more [server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
🇵🇱 sefinek.net	2026-02-19 12:55:07 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-02-05 21:50:49 (4 months ago)	wordpress-trap	Web App Attack
🇵🇱 sefinek.net	2026-02-04 18:46:00 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 10dencehispahard SL	2026-01-26 09:27:59 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-08 21:55:05 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 16:54:55.855638 2026] [security2:error] [pid 31502:tid 31502] [client 209.50.163.4:39693] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.neff.family.name\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.neff.family.name"] [uri "/backup.sql"] [unique_id "aWAnr4qU9kz_nsuEjcGeZgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-12-24 17:19:57 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-19.209.50.163.4.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-19.209.50.163.4.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 17:06:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 12:06:35.281698 2025] [security2:error] [pid 29780:tid 29780] [client 209.50.163.4:32505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nuegrapes.com"] [uri "/.git/HEAD"] [unique_id "aThXG4uvr6j-uT79lxfc_wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:13:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:12:57.277953 2025] [security2:error] [pid 24513:tid 24513] [client 209.50.163.4:55917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/.svn/wc.db"] [unique_id "aTfoGRiDhI8zJtAo4jXDdQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 03:33:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 22:33:31.150311 2025] [security2:error] [pid 20030:tid 20030] [client 209.50.163.4:54371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yakski.com"] [uri "/.svn/wc.db"] [unique_id "aTZHC1-E7LpWGxSClpudGgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:27:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:27:23.638478 2025] [security2:error] [pid 7196:tid 7196] [client 209.50.163.4:17979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "travelingguitarfoundation.org"] [uri "/.env"] [unique_id "aTWc26s1zMsl_IDEiiXU4wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:45:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:45:39.136867 2025] [security2:error] [pid 7899:tid 7899] [client 209.50.163.4:22695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joepeters.org"] [uri "/.svn/wc.db"] [unique_id "aTWFA7qweSG0dSZTGohrLQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-06 23:00:31 (6 months ago)	Auto-ban: >3000 req/min op 2025-12-06	Hacking Web App Attack SSH

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.228

🇫🇷 79.127.134.229

🇳🇱 45.128.199.178

🇺🇸 195.184.76.2

🇧🇪 194.187.251.91

🇫🇮 185.148.3.241

🇮🇳 182.95.178.206

🇺🇸 165.154.162.104

🇮🇳 117.203.104.74

🇳🇱 91.92.42.147

🇨🇦 85.217.149.5

🇯🇵 43.133.194.186

🇸🇬 43.133.61.254

🇲🇽 201.140.123.130

🇩🇪 192.109.200.215

🇺🇸 147.185.132.35

🇧🇩 123.49.60.158

🇺🇸 45.61.125.82

🇷🇴 2.57.121.25

🇰🇷 203.252.10.3