AbuseIPDB » 209.50.177.242
209.50.177.242
This IP was reported 9 times. Confidence of
Abuse
is 1% : ?
ISP
3xK Tech GmbH
Usage Type
Data Center/Web Hosting/Transit
ASN
AS200373
Domain Name
3xktech.cloud
Country
๐จ๐ฆ
Canada
City
Toronto, Ontario
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 209.50.177.242 :
This IP address has been reported a total of
9
times from
7 distinct
sources.
209.50.177.242 was first reported on
November 27th 2025 , and the most recent report was
2 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฆ๐บ
LiftUp Hosting
2026-06-05 01:51:57
(2 weeks ago)
Honeypot hit: HTTP/1.1 request on 8546
POST /
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip
...
show more
Honeypot hit: HTTP/1.1 request on 8546
POST /
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip
POST Data: {"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}; 8546 [2] TCP
show less
Hacking
Bad Web Bot
๐ฑ๐ป
garmtech.com
2026-03-14 23:16:42
(3 months ago)
IM360 WAF: Attempt to upload malware
Hacking
๐ช๐ธ
10dencehispahard SL
2026-01-26 09:42:35
(4 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
๐ต๐ฑ
sefinek.net
2026-01-23 19:58:26
(5 months ago)
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux i686; rv:114.0) Gecko/20100101 Firefox/114.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-01-21 13:59:46
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.177.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.177.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:59:41.519969 2026] [security2:error] [pid 16066:tid 16198] [client 209.50.177.242:41823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themarketplacelb.com"] [uri "/.svn/wc.db"] [unique_id "aXDbzSAnFO-IMpvmHxIOPgAAAcI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-29 14:01:28
(5 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
2025-12-07 16:10:05
(6 months ago)
DEAGICO WEBFORM SPAM 209.50.177.242 (209.50.177.242)
Web Spam
๐ฑ๐ป
garmtech.com
2025-12-04 19:00:18
(6 months ago)
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-00.209.50.177.242.web-spamm ...
show more
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-00.209.50.177.242.web-spammers.v2.rbl.imunify.com._v4 succeeded.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-27 20:25:08
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.177.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.177.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:24:59.062167 2025] [security2:error] [pid 26036:tid 26036] [client 209.50.177.242:57955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caralis.com"] [uri "/.env"] [unique_id "aSizm3KoFxGgckGeLny1ngAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: