JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.49

209.50.163.49 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.49

Whois 209.50.163.49

IP Abuse Reports for 209.50.163.49:

This IP address has been reported a total of 26 times from 11 distinct sources. 209.50.163.49 was first reported on September 26th 2025, and the most recent report was 58 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-19 16:54:35 (58 minutes ago)	[FriJun1918:54:28.3158542026][security2:error][pid4003395:tid4003687][client209.50.163.49:0]ModSecur ... show more [FriJun1918:54:28.3158542026][security2:error][pid4003395:tid4003687][client209.50.163.49:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"382\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"urbani.ch\"][uri\"/wp-content/plugins/really-simple-ssl-pro/readme.txt\"][unique_id\"ajV0ROKeJQadkU7rfRDswwAAAIo\"] show less	Hacking Web App Attack
🇬🇧 poundawebsiteltd	2026-06-16 18:53:05 (2 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.163.49 - - [16/Jun/2026:19:52:59 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.163.49 - - [16/Jun/2026:19:52:59 +0100] POST /wp-login.php HTTP/1.1 200 6763 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-15 22:13:43 (3 days ago)	(y4) Failed scan -byebye- from 209.50.163.49 (US/United States/-): (CF_ENABLE)	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇬🇧 relianoid.com	2026-03-23 15:19:10 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-12-08 22:51:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 17:51:40.021359 2025] [security2:error] [pid 25177:tid 25177] [client 209.50.163.49:36127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barcelonarider.com"] [uri "/.git/HEAD"] [unique_id "aTdWfF3-7PtdbmTyBCA9fQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 19:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 14:01:32.366619 2025] [security2:error] [pid 29986:tid 29991] [client 209.50.163.49:11621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starlinksales.net"] [uri "/.env"] [unique_id "aTR9jOHXSLWOaV8lAb6X0AAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:15:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:15:32.254064 2025] [security2:error] [pid 5456:tid 5464] [client 209.50.163.49:20841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaukabsiddique.net"] [uri "/.git/HEAD"] [unique_id "aTRWpCmw0GGY0zhFznmiegAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:49:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:49:55.366154 2025] [security2:error] [pid 32092:tid 32092] [client 209.50.163.49:40609] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coretherapyassoc.com"] [uri "/.git/HEAD"] [unique_id "aTLG4yQlbw76g6Ps5foX-gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:26:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:26:42.461678 2025] [security2:error] [pid 1406:tid 1489] [client 209.50.163.49:47067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nepsco.com"] [uri "/.svn/wc.db"] [unique_id "aTKzYgcKNvWm-eU-9V2sQwAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:46:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:46:06.458010 2025] [security2:error] [pid 13766:tid 13766] [client 209.50.163.49:24401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davefortier.com"] [uri "/.svn/wc.db"] [unique_id "aTKp3hEKPI5Ceyfo9b3mAAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:47:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:47:10.647076 2025] [security2:error] [pid 3218:tid 3218] [client 209.50.163.49:16101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeffr.com"] [uri "/.git/HEAD"] [unique_id "aTJx3tZsG4hkhrhXyRY7ygAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:47:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:47:06.257301 2025] [security2:error] [pid 28608:tid 28608] [client 209.50.163.49:9927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nealschonmusic.com"] [uri "/.svn/wc.db"] [unique_id "aTJHqkM_muBjbq7YWVuFUwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 07:58:18 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇧🇷 hostseries	2025-10-25 04:59:35 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.149.26.71

🇻🇳 103.154.62.14

🇩🇪 103.14.32.192

🇳🇱 45.148.10.183

🇨🇦 20.104.203.253

🇺🇸 198.62.7.140

🇩🇪 194.164.63.8

🇬🇧 193.163.125.222

🇨🇭 107.189.1.82

🇰🇪 102.210.149.105

🇰🇬 46.251.213.227

🇷🇴 2.57.122.177

🇫🇮 147.185.133.159

🇮🇩 103.133.61.179

🇱🇹 81.30.98.158

🇩🇪 69.5.169.98

🇺🇸 65.49.20.110

🇮🇩 36.64.131.68

🇧🇷 191.37.89.75

🇺🇸 150.107.36.74