JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.137

209.50.172.137 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.137

Whois 209.50.172.137

IP Abuse Reports for 209.50.172.137:

This IP address has been reported a total of 30 times from 11 distinct sources. 209.50.172.137 was first reported on September 26th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-07 02:47:25 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-47.209.50.172.137.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-47.209.50.172.137.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-04-26 03:14:44 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-14.209.50.172.137.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-14.209.50.172.137.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 cyfordtechnologies.com	2026-03-12 00:23:24 (3 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇨🇭 backslash	2026-01-02 15:20:07 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-31 01:01:01 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-22 14:20:35 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-12-07 01:37:11 (6 months ago)	botnet	DDoS Attack
🇵🇱 sefinek.net	2025-11-27 19:40:33 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 10:47:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:47:35.025487 2025] [security2:error] [pid 15899:tid 15899] [client 209.50.172.137:27517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.jcommonsenseeconomics.com"] [uri "/.svn/wc.db"] [unique_id "aSbax0iYl9hcfJop_ar_4wAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:24:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:24:09.257192 2025] [security2:error] [pid 13113:tid 13186] [client 209.50.172.137:39197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paintingitalyandslovenia.sloveniaflyfishing.com"] [uri "/.git/HEAD"] [unique_id "aSadCRhhwHzhmSuL6kjajgAAAY0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:10:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:10:46.766448 2025] [security2:error] [pid 17928:tid 17928] [client 209.50.172.137:56579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thewillsmith.com"] [uri "/.svn/wc.db"] [unique_id "aSZTljademNuc9Tb8CKU6gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:38:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:38:18.748856 2025] [security2:error] [pid 9683:tid 9683] [client 209.50.172.137:9957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.crep-psych.org"] [uri "/.env"] [unique_id "aSZL-o_fM05KFOk9VB0ZEAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:30:42 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:30:34.198458 2025] [security2:error] [pid 11250:tid 11250] [client 209.50.172.137:28705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kentsavagelaw.com"] [uri "/.env"] [unique_id "aSUGuuMu6mBFR4cQ2EzmGQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:26:38 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:26:32.389477 2025] [security2:error] [pid 26201:tid 26201] [client 209.50.172.137:41013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.akmanoto.com"] [uri "/.git/HEAD"] [unique_id "aSQkyIk8OoeUtr65dTKWlgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:15:40 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:33.968811 2025] [security2:error] [pid 30071:tid 30071] [client 209.50.172.137:26887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eurosoni.emisoni.com"] [uri "/.git/HEAD"] [unique_id "aSQUJYyXLvimEcekpKuP7QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 80.223.192.131

🇨🇱 216.155.93.75

🇫🇮 147.185.133.10

🇳🇱 107.189.22.0

🇸🇬 104.215.180.121

🇳🇱 45.148.10.151

🇬🇧 35.203.210.237

🇯🇵 203.25.124.9

🇩🇪 148.153.140.82

🇺🇸 147.185.132.226

🇪🇸 141.109.168.107

🇮🇳 103.171.39.147

🇫🇷 51.178.54.174

🇨🇳 222.219.131.47

🇵🇰 123.253.180.246

🇮🇩 103.97.101.25

🇺🇸 91.193.232.240

🇵🇱 89.40.146.227

🇺🇸 47.45.19.244

🇳🇱 45.148.10.147