JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.1

209.50.172.1 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.1

Whois 209.50.172.1

IP Abuse Reports for 209.50.172.1:

This IP address has been reported a total of 23 times from 14 distinct sources. 209.50.172.1 was first reported on September 26th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇵🇱 sefinek.net	2026-01-01 05:34:21 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
Anonymous	2025-12-15 15:48:53 (6 months ago)	botnet	DDoS Attack
🇪🇸 10dencehispahard SL	2025-12-10 06:45:16 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇳🇱 homeshowdomain.nl	2025-11-24 23:04:55 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 06:59:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:59:39.644391 2025] [security2:error] [pid 7440:tid 7440] [client 209.50.172.1:52381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wastetrack.io.wwts.io"] [uri "/.svn/wc.db"] [unique_id "aSQCW8-T8xydhIT1DWR5agAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:13:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:13:27.694664 2025] [security2:error] [pid 2408:tid 2408] [client 209.50.172.1:50723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "addisonkinkade.com"] [uri "/.svn/wc.db"] [unique_id "aSPpd1Tb2zByA_bNCortUAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 18:27:14 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 13:27:07.152735 2025] [security2:error] [pid 28514:tid 28514] [client 209.50.172.1:20797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.industrialgraphicdesign.com"] [uri "/.env"] [unique_id "aRd0e7a20v3dC7-my03zUQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 D3monite	2025-10-26 15:38:54 (7 months ago)	Attempted Brute Force (cpaneld)	Brute-Force
Anonymous	2025-10-15 19:01:10 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-14 07:34:57 (8 months ago)	GlobalProtect login attempts with user tieraniegrafa.	VPN IP Brute-Force
Anonymous	2025-10-07 08:09:03 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-04 06:06:28 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 145.241.123.102

🇨🇳 113.249.157.2

🇭🇰 103.158.29.100

🇨🇦 209.50.188.135

🇳🇱 195.178.110.188

🇳🇱 185.242.226.11

🇬🇧 185.216.145.174

🇳🇱 176.65.139.181

🇩🇪 167.94.146.62

🇪🇨 157.100.142.214

🇰🇷 118.37.214.187

🇨🇳 114.230.239.234

🇺🇸 71.6.232.22

🇺🇸 66.132.195.20

🇺🇸 65.111.14.3

🇧🇷 45.184.121.239

🇺🇸 45.3.34.230

🇺🇸 2607:f8b0:4001:c00::125

🇳🇱 176.65.139.158

🇧🇷 168.196.206.14