JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.173.202

209.50.173.202 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.173.202

Whois 209.50.173.202

IP Abuse Reports for 209.50.173.202:

This IP address has been reported a total of 37 times from 17 distinct sources. 209.50.173.202 was first reported on September 30th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-07 14:25:39 (2 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-01-18 05:29:23 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 ph	2026-01-05 01:42:03 (5 months ago)	Bad web bot attempting to run wp-login.php on non-WP site	Hacking Bad Web Bot Web App Attack
🇩🇪 Petros Stefanakis	2026-01-01 19:25:25 (5 months ago)	(mod_security) mod_security triggered on hostname [redacted] 209.50.173.202 (US/United States/-)	SQL Injection
🇫🇷 Jean Valjean	2025-12-30 18:46:18 (5 months ago)	Fail2ban Caboom : xmlrpc.php Abuse	SQL Injection Web App Attack
🇮🇹 VHosting	2025-12-28 14:25:08 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 07:53:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 02:53:08.723755 2025] [security2:error] [pid 3411:tid 3411] [client 209.50.173.202:39437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brushmileage.org"] [uri "/wp-config.php"] [unique_id "aVDh5D5CV6nTC-ecNWiZ5wAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 20:52:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 15:52:07.311987 2025] [security2:error] [pid 22669:tid 22669] [client 209.50.173.202:48231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barecreationsaz.com"] [uri "/wp-config.php"] [unique_id "aU71d5xGXcigmj2yLuNt3QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 securejdprop	2025-12-24 04:55:02 (5 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO User-Agent ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO User-Agent (python-requests) Inbound to Webserver). Ip 209.50.173.202 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2025-12-24 04:54:58.618078623 +0000 UTC show less	Web App Attack
Anonymous	2025-12-11 09:20:54 (6 months ago)	botnet	DDoS Attack
🇵🇱 sefinek.net	2025-12-09 17:15:24 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:10:04 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 04:17:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:16:59.645664 2025] [security2:error] [pid 11872:tid 11872] [client 209.50.173.202:40043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.veenstras.com"] [uri "/.git/HEAD"] [unique_id "aSUtuyYgDzcFM6UASSx8aQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:30:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:29:54.270906 2025] [security2:error] [pid 22866:tid 22866] [client 209.50.173.202:21575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.diegogamazo.com"] [uri "/.svn/wc.db"] [unique_id "aSUisrfG0fzoLW6gssHtbQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:48:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:48:15.498166 2025] [security2:error] [pid 1647141:tid 1647228] [client 209.50.173.202:16641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.teresahagadorn.com"] [uri "/.git/HEAD"] [unique_id "aST8z9ffCdpZ5cNrCNdCYgAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 210.245.32.192

🇲🇽 187.194.142.89

🇺🇸 165.22.45.133

🇲🇾 49.124.152.26

🇨🇳 182.43.242.192

🇮🇶 169.224.105.244

🇺🇸 154.83.197.185

🇫🇮 147.185.133.217

🇨🇦 144.172.162.238

🇺🇸 135.119.96.214

🇫🇷 81.65.148.53

🇺🇸 65.49.1.202

🇹🇼 45.43.37.254

🇧🇪 35.241.166.201

🇧🇪 35.240.3.145

🇧🇪 34.22.172.118

🇺🇸 20.64.105.243

🇬🇧 2a06:4882:1000::16

🇳🇱 217.103.42.129

🇧🇪 198.235.24.199