JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.173.203

209.50.173.203 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.173.203

Whois 209.50.173.203

IP Abuse Reports for 209.50.173.203:

This IP address has been reported a total of 35 times from 15 distinct sources. 209.50.173.203 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-26 04:09:52 (1 day ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 F242	2026-01-30 06:09:04 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 iNetWorker	2026-01-11 08:28:57 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 10:20:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:20:23.228073 2025] [security2:error] [pid 3840815:tid 3840836] [client 209.50.173.203:9881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rawsynergy.com"] [uri "/.git/HEAD"] [unique_id "aVOnZ_hY0WluO26hDFjvSAAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:40:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:40:19.081811 2025] [security2:error] [pid 9762:tid 9762] [client 209.50.173.203:10425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "directoryofdogs.com"] [uri "/.git/HEAD"] [unique_id "aVIiU2uvftjewSSXhfPI2wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-29 06:36:32 (5 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:14:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:14:52.129725 2025] [security2:error] [pid 8180:tid 8180] [client 209.50.173.203:50275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "quincysheetmetal.com"] [uri "/.svn/wc.db"] [unique_id "aVIcXMz-5HT_FI_67TUu-wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2025-12-29 03:35:20 (5 months ago)	tcp/80; Git HEAD reference exposure attempt: "GET /.git/HEAD" @ 2025-12-29T03:30:36Z [proxy]	Web App Attack
Anonymous	2025-12-08 08:47:27 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 03:42:41 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:42:03.187022 2025] [security2:error] [pid 9321:tid 9321] [client 209.50.173.203:11265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.leonardodecaprio.com"] [uri "/.svn/wc.db"] [unique_id "aSUli_t_MZwISDqRxuGkkgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:18:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:18:30.084179 2025] [security2:error] [pid 15439:tid 15439] [client 209.50.173.203:54995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.anbruswebdesign.com"] [uri "/.env"] [unique_id "aSUgBptzE5f1dejzd_yC-wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:09:41 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:09:35.853270 2025] [security2:error] [pid 22845:tid 22845] [client 209.50.173.203:16445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rosemeadefarms.com"] [uri "/.svn/wc.db"] [unique_id "aSUP3zP_DK5NkJ-MaSPg0gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:36:32 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:36:24.167830 2025] [security2:error] [pid 7326:tid 7515] [client 209.50.173.203:55299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gryphix.com"] [uri "/.env"] [unique_id "aSUIGNNUaJ5dFUuoaTx10QAAAME"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:56:22 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:56:12.967227 2025] [security2:error] [pid 20317:tid 20317] [client 209.50.173.203:10025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bonnesfrequences.com"] [uri "/.svn/wc.db"] [unique_id "aST-rEFlkx16ek_TfESFIwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:37:08 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:52.070889 2025] [security2:error] [pid 23986:tid 23986] [client 209.50.173.203:12139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lexingtonlimobus.com"] [uri "/.git/HEAD"] [unique_id "aSQLFCW4jV7beus-YzqMDgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 210.169.192.47

🇮🇩 202.155.157.145

🇺🇸 172.236.123.208

🇩🇪 157.230.18.133

🇺🇸 138.94.219.55

🇨🇳 101.126.54.36

🇹🇷 85.104.112.224

🇳🇱 45.156.87.93

🇧🇪 198.235.24.185

🇨🇴 181.49.157.130

🇺🇸 162.216.150.69

🇺🇸 185.180.141.47

🇳🇱 176.65.149.178

🇫🇮 147.185.133.150

🇫🇷 91.231.89.192

🇱🇹 45.227.254.170

🇺🇸 20.168.123.0

🇧🇷 191.240.25.99

🇬🇧 185.170.111.223

🇺🇸 162.216.149.146