JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.173.70

209.50.173.70 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.173.70

Whois 209.50.173.70

IP Abuse Reports for 209.50.173.70:

This IP address has been reported a total of 34 times from 19 distinct sources. 209.50.173.70 was first reported on September 29th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-26 09:38:13 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇫🇷 tilellit.pro	2026-01-23 11:06:44 (4 months ago)	Fail2Ban banned 209.50.173.70 for security violations in jail wp-armour. Log: 2026/01/23 11:06:43 [e ... show more Fail2Ban banned 209.50.173.70 for security violations in jail wp-armour. Log: 2026/01/23 11:06:43 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 209.50.173.70 \| Target: wplogin" , client: 209.50.173.70, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2025-12-28 16:18:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 11:18:22.516490 2025] [security2:error] [pid 1711398:tid 1711401] [client 209.50.173.70:10591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rawsynergy.com"] [uri "/.svn/wc.db"] [unique_id "aVFYTvs7bEQg9jsRg9lh7gAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bontekoe.technology	2025-12-28 16:00:32 (5 months ago)	Port scan or Brute-Force detected. (src_port=53819, dst_port=80)	Brute-Force
🇺🇸 TPI-Abuse	2025-12-28 03:40:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 22:40:49.813311 2025] [security2:error] [pid 4023:tid 4035] [client 209.50.173.70:22765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "minutosrobados.com"] [uri "/.git/HEAD"] [unique_id "aVCmwY9HklImrHUOKAUrMgAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:36:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:36:45.022719 2025] [security2:error] [pid 4667:tid 4667] [client 209.50.173.70:41207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalonholdings.com"] [uri "/.git/HEAD"] [unique_id "aVCXvTecKManihKIgnCjigAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:19:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:19:04.186735 2025] [security2:error] [pid 4908:tid 4908] [client 209.50.173.70:26661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "haroturkiye.com"] [uri "/.svn/wc.db"] [unique_id "aVBpaEaQbqL1b757VuaDQwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:53:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:53:24.668436 2025] [security2:error] [pid 22404:tid 22404] [client 209.50.173.70:50251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intellectualcapitalmanagementsystems.com"] [uri "/.git/HEAD"] [unique_id "aVBjZAJ7ul5qTZE2GQRONgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:24:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:24:46.295472 2025] [security2:error] [pid 13550:tid 13550] [client 209.50.173.70:49703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2massociatesllc.com"] [uri "/.git/HEAD"] [unique_id "aVBcruGav6ICDVd6-o9eFgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 19:54:06 (5 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:20:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:20:28.346848 2025] [security2:error] [pid 4323:tid 4323] [client 209.50.173.70:52333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weirdlovemakers.com"] [uri "/.git/HEAD"] [unique_id "aVAjbGxXuresR-cUFefPFQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2025-12-25 13:43:04 (5 months ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN US/United States/-	Web App Attack
🇮🇹 alph44	2025-12-24 06:30:35 (5 months ago)	WordPress attack detected by fail2ban: 3 failed attempts	Web App Attack
🇮🇹 VHosting	2025-12-23 23:10:03 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2025-12-22 17:52:49 (5 months ago)	(WPLOGIN) WP Login Attack 209.50.173.70 (US/United States/-): 10 in the last 3600 secs; Ports: ; Di ... show more (WPLOGIN) WP Login Attack 209.50.173.70 (US/United States/-): 10 in the last 3600 secs; Ports: ; Direction: 1 show less	Brute-Force SSH

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.147.26.126

🇩🇪 213.209.159.235

🇺🇸 195.210.125.157

🇺🇸 162.216.149.65

🇦🇹 85.192.42.149

🇺🇸 18.217.208.51

🇻🇳 14.185.124.187

🇲🇽 186.96.145.241

🇷🇺 178.204.4.12

🇨🇳 43.248.108.20

🇨🇭 209.99.189.177

🇺🇸 172.253.251.62

🇺🇸 172.86.114.38

🇺🇸 129.146.121.103

🇷🇺 85.30.212.23

🇫🇷 193.55.175.19

🇩🇪 69.5.169.40

🇺🇸 199.120.14.232

🇹🇭 171.100.67.250

🇺🇸 146.88.241.57