JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.250

209.50.172.250 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.250

Whois 209.50.172.250

IP Abuse Reports for 209.50.172.250:

This IP address has been reported a total of 23 times from 15 distinct sources. 209.50.172.250 was first reported on October 3rd 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-19 00:01:44 (9 hours ago)	(mod_security) mod_security (id:900001) triggered by 209.50.172.250 (US/United States/Virginia/Ashbu ... show more (mod_security) mod_security (id:900001) triggered by 209.50.172.250 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 19 03:01:42.534844 2026] [security2:error] [pid 2277:tid 2430] [client 209.50.172.250:21775] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: babis.photo"] [severity "CRITICAL"] [tag "security"] [hostname "babis.photo"] [uri "/wp-login.php"] [unique_id "ajSG5lVjV5VR3hAZ4rmKWQAAAFI"], referer: https://babis.photo/wp-login.php show less	Port Scan
🇫🇷 ELYAZ	2026-06-15 22:13:27 (3 days ago)	(y4) Failed scan -byebye- from 209.50.172.250 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 mnsf	2026-06-01 14:06:45 (2 weeks ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-05-30 07:27:55 (2 weeks ago)	IM360 WAF: Suspicious access attempt to WordPress debug.log (CVE-2024-44000) MV:/wp-content/debug.lo ... show more IM360 WAF: Suspicious access attempt to WordPress debug.log (CVE-2024-44000) MV:/wp-content/debug.log show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-10 10:44:33 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇧🇪 voormedia	2026-04-22 12:46:14 (1 month ago)	Accessed trap at '/.env'	Web App Attack
🇳🇱 ParaBug	2026-04-22 12:08:24 (1 month ago)	209.50.172.250 - - [22/Apr/2026:14:08:24 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc. ... show more 209.50.172.250 - - [22/Apr/2026:14:08:24 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc.db HTTP/1.1" 403 440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Phishing Brute-Force Web App Attack
Anonymous	2025-12-15 12:11:11 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-28 04:06:01 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 19:15:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:15:09.796408 2025] [security2:error] [pid 16704:tid 16704] [client 209.50.172.250:11167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanureport.com"] [uri "/.svn/wc.db"] [unique_id "aSijPdmvhCkpCEZrnQthPwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2025-11-25 22:50:19 (6 months ago)	Kingcopy(AI-IDS):IP does Multiple AWS Environment Abuse	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:40:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:40:31.546174 2025] [security2:error] [pid 24292:tid 24292] [client 209.50.172.250:10153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "altitudeprothemeclean.fernfieldbrooks.com"] [uri "/.svn/wc.db"] [unique_id "aSVBTz3sQZskNN08t67nXwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:25:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:24:58.819143 2025] [security2:error] [pid 32673:tid 32673] [client 209.50.172.250:27139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.vc1.com"] [uri "/.svn/wc.db"] [unique_id "aSUTevMywaUDKqopFC1QBAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:52:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:52:08.415844 2025] [security2:error] [pid 21980:tid 21980] [client 209.50.172.250:19023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.saadeh.ws"] [uri "/.svn/wc.db"] [unique_id "aSULyDMs4FYofSthdQ5KoAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:03:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:03:10.066408 2025] [security2:error] [pid 8610:tid 8610] [client 209.50.172.250:19103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.texaslawman.net"] [uri "/.git/HEAD"] [unique_id "aSTyPrLXWoKVvLExWaxn7AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 124.13.194.242

🇻🇳 14.225.7.70

🇧🇷 206.42.8.243

🇳🇱 195.178.110.30

🇲🇽 187.192.86.153

🇺🇸 162.216.149.41

🇮🇳 103.91.97.0

🇺🇸 98.83.94.113

🇧🇷 20.226.45.125

🇨🇳 222.222.73.70

🇹🇼 173.194.171.26

🇮🇳 122.183.32.164

🇪🇬 102.43.70.174

🇺🇸 100.29.192.81

🇫🇷 82.226.85.241

🇮🇳 59.179.31.237

🇷🇺 46.163.144.31

🇺🇸 216.25.89.111

🇨🇭 209.99.191.19

🇬🇧 193.32.209.241