JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.176.238

209.50.176.238 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.176.238

Whois 209.50.176.238

IP Abuse Reports for 209.50.176.238:

This IP address has been reported a total of 11 times from 7 distinct sources. 209.50.176.238 was first reported on October 30th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-05-12 00:36:08 (1 month ago)	[TueMay1202:36:07.3287322026][security2:error][pid3383777:tid3383813][client209.50.176.238:0]ModSecu ... show more [TueMay1202:36:07.3287322026][security2:error][pid3383777:tid3383813][client209.50.176.238:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"eimeko.ch\"][uri\"/\"][unique_id\"agJ193xtdSKE8uC5BCSJ2gAAABg\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 AvonleaConsulting	2026-04-29 22:48:29 (1 month ago)	Attempts to probe web pages for vulnerable PHP or other applications	Web App Attack
🇬🇧 AvonleaConsulting	2026-04-29 15:32:08 (1 month ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-15 08:39:48 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇩🇪 Vegascosmetics	2026-01-12 22:50:35 (5 months ago)	Kingcopy(AI-IDS):IP does Multiple AWS Environment Abuse	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:01:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:01:16.999065 2025] [security2:error] [pid 134161:tid 134185] [client 209.50.176.238:14841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.learndoexplore.com"] [uri "/.svn/wc.db"] [unique_id "aSQQzBfbvyHppNR9RqKLrgAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:47.826530 2025] [security2:error] [pid 9734:tid 9734] [client 209.50.176.238:41623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stucohen.com"] [uri "/.svn/wc.db"] [unique_id "aSQHT9jgH4ZjlWlodLDnfwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:46:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:46:29.669780 2025] [security2:error] [pid 18848:tid 18848] [client 209.50.176.238:16745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuulco.stlouisdave.com"] [uri "/.env"] [unique_id "aSPxNQmHp9DsRBWZDZbt0QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:33:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.176.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:56.506924 2025] [security2:error] [pid 6747:tid 6747] [client 209.50.176.238:40049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dupagekanewildliferemoval.com"] [uri "/.svn/wc.db"] [unique_id "aSPf-HA3_N75krVkNyF91AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 17:17:01 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:30:50	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-30 14:15:10 (7 months ago)	WordPress Brute Force	Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 43.157.180.116

🇮🇳 34.93.50.38

🇮🇩 203.145.34.182

🇹🇷 176.91.153.15

🇳🇱 167.71.12.109

🇱🇹 141.98.9.130

🇺🇸 104.210.140.143

🇰🇷 59.1.86.66

🇨🇴 45.65.233.18

🇨🇱 34.176.34.32

🇺🇬 196.0.120.6

🇺🇸 162.216.149.48

🇺🇸 160.153.176.197

🇩🇪 159.89.20.134

🇳🇱 45.148.10.157

🇺🇸 34.162.237.148

🇳🇱 34.90.107.43

🇲🇽 200.68.173.52

🇨🇦 178.128.229.194

🇺🇸 129.212.183.98