JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.244

209.50.172.244 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 46%: ?

46%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.244

Whois 209.50.172.244

IP Abuse Reports for 209.50.172.244:

This IP address has been reported a total of 26 times from 15 distinct sources. 209.50.172.244 was first reported on October 1st 2025, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 georgengelmann	2026-06-20 06:12:35 (15 hours ago)	Failed login attempt for audywebyani@112	Brute-Force Web App Attack
Anonymous	2026-06-19 08:28:36 (1 day ago)	Brute forcing Wordpress login	Hacking Web App Attack
Anonymous	2026-06-19 05:56:17 (1 day ago)	209.50.172.244 - - [19/Jun/2026:13:56:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "https://www.goo ... show more 209.50.172.244 - - [19/Jun/2026:13:56:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "https://www.google.com/search?q=wordpress" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇫🇷 pm33	2026-06-17 13:51:18 (3 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-16 13:29:37 (4 days ago)	(y4) Failed scan -byebye- from 209.50.172.244 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 FeG Deutschland	2026-06-15 20:05:28 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 dtorrer	2026-06-11 18:09:31 (1 week ago)	Brute-force general attack.	Brute-Force
🇫🇷 pm33	2026-06-10 19:36:23 (1 week ago)	Wordpress login attempts	Brute-Force
🇨🇳 ThreatBook.io	2026-05-12 22:28:56 (1 month ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/209.50.172.244 2026-0 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/209.50.172.244 2026-05-12 20:19:33 /config/config.xml 2026-05-12 20:19:34 /wls-wsat/CoordinatorPortType 2026-05-12 20:19:33 /management/tenant-monitoring/servers 2026-05-12 20:19:33 /weblogic/ready 2026-05-12 20:19:28 /console/login/LoginForm.jsp show less	Web App Attack
🇺🇸 myagent.site	2026-01-15 08:41:19 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-13 12:35:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:07.204549 2026] [security2:error] [pid 9992:tid 9992] [client 209.50.172.244:18529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web-dojo.info"] [uri "/.svn/wc.db"] [unique_id "aWY7-_jMELXp4d-uwvYduAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-07 18:36:59 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:50:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:45.318514 2025] [security2:error] [pid 5478:tid 5478] [client 209.50.172.244:40543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ceta-arts.tandm.us"] [uri "/.env"] [unique_id "aSQOGXbIhfvGJyHyZsn4UwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:55:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:55:02.473637 2025] [security2:error] [pid 5170:tid 5183] [client 209.50.172.244:33427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.meeker.us"] [uri "/.env"] [unique_id "aSQBRuQIVFuTkiCAsDQLcwAAAUo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:28:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:28:31.703789 2025] [security2:error] [pid 18551:tid 18551] [client 209.50.172.244:59173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "home.agingworkforcenews.com"] [uri "/.svn/wc.db"] [unique_id "aSP7DwjnjxEIdexBOF4RfwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.184.31.28

🇨🇱 190.5.37.205

🇫🇷 90.55.231.159

🇬🇧 35.203.211.197

🇧🇷 138.122.155.161

🇮🇳 103.211.40.68

🇮🇳 94.136.186.217

🇫🇷 84.17.43.206

🇬🇧 35.203.210.36

🇨🇱 186.105.133.142

🇰🇬 92.62.74.41

🇺🇸 91.230.168.209

🇱🇹 81.30.98.144

🇷🇴 80.94.95.211

🇨🇳 61.153.184.151

🇹🇭 49.49.29.64

🇺🇸 45.79.207.252

🇬🇧 35.203.211.82

🇨🇳 14.103.112.5

🇨🇳 1.30.16.218