JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.175.12

209.50.175.12 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.175.12

Whois 209.50.175.12

IP Abuse Reports for 209.50.175.12:

This IP address has been reported a total of 21 times from 12 distinct sources. 209.50.175.12 was first reported on September 26th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 i-turnradio.nl	2026-02-16 14:28:46 (3 months ago)	2026-02-16 15:28:46 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-29 15:42:46 (4 months ago)	WP Login Scan Activities	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 09:39:50 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-06 22:56:30 (6 months ago)	botnet	DDoS Attack
🇫🇮 Shaik Sai Meera	2025-11-25 00:02:17 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 08:27:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:26:53.868209 2025] [security2:error] [pid 25106:tid 25161] [client 209.50.175.12:35235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barstow-station.com"] [uri "/.env"] [unique_id "aSQWzTsFdfAxnE8Jg1Y8mwAAAZA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:15:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:15:02.714987 2025] [security2:error] [pid 27560:tid 27560] [client 209.50.175.12:23685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bernarrmacfadden.com"] [uri "/.svn/wc.db"] [unique_id "aSP35nSlHvwF2wANYXT6KwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:25:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:33.592121 2025] [security2:error] [pid 19466:tid 19466] [client 209.50.175.12:60765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/.git/HEAD"] [unique_id "aSPsTYonsxLzJCcI-hERZwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:37:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:02.897378 2025] [security2:error] [pid 1297:tid 1297] [client 209.50.175.12:59317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mikelynchphoto.com"] [uri "/.git/HEAD"] [unique_id "aSPg7ldHHaxaQ_dGKw-tAAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 21:07:20 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:20:34	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-01 23:01:04 (7 months ago)	[redacted] 209.50.175.12 - - [02/Nov/2025:00:00:51 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "M ... show more [redacted] 209.50.175.12 - - [02/Nov/2025:00:00:51 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPad; CPU OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53" [redacted] 209.50.175.12 - - [02/Nov/2025:00:00:52 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 6.0; MYA-L03 Build/HUAWEIMYA-L03; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/69.0.3497.100 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/192.0.0.34.85;]" [redacted] 209.50.175.12 - - [02/Nov/2025:00:00:54 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20150101 Firefox/44.0 (Chrome)" [redacted] 209.50.175.12 - - [02/Nov/2025:00:00:55 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36" joerg-shim ... show less	Hacking Web App Attack
🇫🇷 applemooz	2025-11-01 12:23:33 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-29 08:03:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-16 16:03:00 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-15 14:26:51 (7 months ago)	GlobalProtect login attempts with user tmazurek.	VPN IP Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.181.99.73

🇧🇷 177.8.2.218

🇨🇳 123.179.161.42

🇮🇳 122.177.247.216

🇺🇸 108.62.56.198

🇳🇱 88.151.32.194

🇩🇪 46.249.99.46

🇳🇱 45.148.10.157

🇰🇷 211.46.188.16

🇺🇸 208.84.100.96

🇩🇪 192.109.200.78

🇮🇳 122.175.34.10

🇹🇼 111.70.22.154

🇩🇪 82.115.21.205

🇺🇸 69.12.64.44

🇩🇪 68.183.75.109

🇺🇸 67.241.132.98

🇺🇸 64.62.156.33

🇬🇧 57.129.133.221

🇫🇷 45.157.112.49