JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.72

209.50.172.72 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.72

Whois 209.50.172.72

IP Abuse Reports for 209.50.172.72:

This IP address has been reported a total of 47 times from 15 distinct sources. 209.50.172.72 was first reported on September 26th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-11 22:20:16 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-20.209.50.172.72.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-20.209.50.172.72.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇳🇱 soverin	2026-05-21 21:29:39 (4 weeks ago)	Network scan on port 443	Email Spam
🇩🇪 iNetWorker	2026-05-21 17:40:23 (4 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇮🇪 Coolnagour	2026-03-05 18:52:33 (3 months ago)	http-probing: /xmlrpc.php	Web App Attack
Anonymous	2026-01-13 23:41:21 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
Anonymous	2025-12-08 16:43:33 (6 months ago)	botnet	DDoS Attack
🇹🇷 rtbh.com.tr	2025-12-05 20:10:19 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-12-04 23:40:08 (6 months ago)		Brute-Force Web App Attack
Anonymous	2025-11-29 11:49:16 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-27 15:10:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 10:10:27.344502 2025] [security2:error] [pid 11110:tid 11110] [client 209.50.172.72:54185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.wanderlust-fineartphotos.com"] [uri "/.git/HEAD"] [unique_id "aShp48tzu4yZOYEMJKu4vwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:22:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:22:12.298625 2025] [security2:error] [pid 21286:tid 21286] [client 209.50.172.72:14257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.connectigramme.com"] [uri "/.git/HEAD"] [unique_id "aSbGxFam7BSX4FLtokI1QwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:13:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:13:30.294173 2025] [security2:error] [pid 26751:tid 26751] [client 209.50.172.72:41337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rotentendales.com"] [uri "/.svn/wc.db"] [unique_id "aSVJCvD_Aud_VkcHvNAKcQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:45:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:45:35.265944 2025] [security2:error] [pid 7540:tid 7540] [client 209.50.172.72:15517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.goodfor247.com"] [uri "/.svn/wc.db"] [unique_id "aSVCfzo-gQyskHooH6o91AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:28:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:48.761000 2025] [security2:error] [pid 855343:tid 855343] [client 209.50.172.72:30187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.mikebenson.com"] [uri "/.git/HEAD"] [unique_id "aSU-VNnHNp51rKj50p5VKQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:30:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:30:44.328808 2025] [security2:error] [pid 9925:tid 9925] [client 209.50.172.72:56255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thefiregoddess.net"] [uri "/.svn/wc.db"] [unique_id "aSUw9HrmvRifd1D8R1joyQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 81.19.216.111

🇺🇸 73.70.187.214

🇺🇸 71.6.239.173

🇺🇸 64.62.197.65

🇺🇿 213.230.92.65

🇲🇩 185.181.229.69

🇧🇷 179.61.185.40

🇮🇶 169.224.19.108

🇫🇮 151.242.43.25

🇺🇸 103.234.62.70

🇸🇬 101.47.163.249

🇺🇸 100.29.192.86

🇷🇴 80.94.95.240

🇺🇸 72.220.249.56

🇺🇸 71.6.240.222

🇺🇸 69.245.78.185

🇺🇸 65.49.1.160

🇳🇱 64.225.76.39

🇺🇸 64.62.156.124

🇺🇸 57.151.105.154