JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.48

209.50.163.48 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.48

Whois 209.50.163.48

IP Abuse Reports for 209.50.163.48:

This IP address has been reported a total of 32 times from 15 distinct sources. 209.50.163.48 was first reported on September 4th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Blexyel	2026-06-20 20:51:39 (1 day ago)	209.50.163.48 - - [20/Jun/2026:22:51:38 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 ... show more 209.50.163.48 - - [20/Jun/2026:22:51:38 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" ... show less	Brute-Force Web App Attack
Anonymous	2026-05-01 20:17:04 (1 month ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-04-25 22:51:11 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-51.209.50.163.48.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-51.209.50.163.48.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-03-20 22:45:35 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 cyfordtechnologies.com	2026-03-14 05:50:18 (3 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
Anonymous	2026-03-02 22:39:06 (3 months ago)	Forum/form spam	Web Spam
🇫🇷 dynamix	2026-02-13 08:21:42 (4 months ago)	Multiple WAF Violations	Web App Attack
🇳🇱 BlueWire Hosting	2026-02-13 01:23:22 (4 months ago)	Probing websites for vulnerabilities	Web App Attack
🇩🇪 conseilgouz	2026-02-10 16:42:43 (4 months ago)	coe-17 : Block hidden directories=>/v2/.git/config(/)	Hacking
🇺🇸 TPI-Abuse	2026-02-10 01:54:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:53:58.830212 2026] [security2:error] [pid 14012:tid 14012] [client 209.50.163.48:9691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "generationedm.com"] [uri "/api/.env"] [unique_id "aYqPtiU2A02fPOD0z7u9fQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:34:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:34:46.497670 2026] [security2:error] [pid 16157:tid 16157] [client 209.50.163.48:9405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geckoturner.com"] [uri "/admin/.env"] [unique_id "aYp9Jh-pg8E-hpf1BYm0wQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:02:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:02:19.546507 2025] [security2:error] [pid 9418:tid 9418] [client 209.50.163.48:17515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angelaridgwaydressage.com"] [uri "/.git/HEAD"] [unique_id "aS83u9vjuHKRgNjb8T7WmAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:55:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:55:24.138748 2025] [security2:error] [pid 28616:tid 28632] [client 209.50.163.48:57581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heworeblack.com"] [uri "/.svn/wc.db"] [unique_id "aS8oDNKn-V3A4XFLccrSNQAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:10:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:10:13.664147 2025] [security2:error] [pid 32181:tid 32193] [client 209.50.163.48:24977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aussiepens.com"] [uri "/.env"] [unique_id "aS8BVdmyicOVKFmdTk-IBAAAAQo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:56:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:56:13.028597 2025] [security2:error] [pid 12543:tid 12543] [client 209.50.163.48:23255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "morivercloggers.com"] [uri "/.svn/wc.db"] [unique_id "aS7h7UzrXC5Pu95yGI2V9AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.22

🇺🇸 172.210.68.2

🇭🇰 165.154.40.205

🇺🇸 161.35.236.254

🇮🇳 152.52.209.54

🇮🇳 103.247.80.140

🇳🇱 91.92.40.10

🇺🇸 75.1.240.64

🇺🇸 34.24.44.101

🇭🇰 199.45.154.191

🇲🇽 187.191.48.23

🇳🇱 176.65.131.189

🇹🇷 176.53.96.154

🇮🇳 128.185.201.26

🇭🇰 125.59.252.103

🇮🇳 125.20.245.182

🇨🇳 111.26.95.126

🇮🇳 103.182.105.100

🇺🇸 91.230.168.70

🇳🇱 91.92.40.176