JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.178.248

209.50.178.248 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.178.248

Whois 209.50.178.248

IP Abuse Reports for 209.50.178.248:

This IP address has been reported a total of 25 times from 13 distinct sources. 209.50.178.248 was first reported on October 29th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-26 11:59:55 (12 hours ago)	209.50.178.248 - - [26/Jun/2026:13:59:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 209.50.178.248 - - [26/Jun/2026:13:59:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-24 06:42:31 (2 days ago)	(y4) Failed scan -byebye- from 209.50.178.248 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇩🇪 georgengelmann	2026-06-22 07:45:53 (4 days ago)	Failed login attempt for happy	Brute-Force Web App Attack
🇩🇪 nyt	2026-06-17 16:14:37 (1 week ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-17 00:43:43 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇲🇹 Malta	2026-06-16 00:47:07 (1 week ago)	209.50.178.248 - - [16/Jun/2026:02:47:07 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 209.50.178.248 - - [16/Jun/2026:02:47:07 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-15 07:18:03 (1 week ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇩🇪 FeG Deutschland	2026-06-11 00:09:27 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 pm33	2026-06-10 16:21:17 (2 weeks ago)	Wordpress login attempts	Brute-Force
🇺🇸 TPI-Abuse	2025-11-27 11:14:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 06:14:01.675801 2025] [security2:error] [pid 30017:tid 30017] [client 209.50.178.248:59385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.yarbroughfamily.org"] [uri "/.git/HEAD"] [unique_id "aSgyeRIfbs32v1PXT3OWXgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:49:13 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:49:09.431536 2025] [security2:error] [pid 24772:tid 24772] [client 209.50.178.248:57709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bencramer.net"] [uri "/.svn/wc.db"] [unique_id "aSVDVZEKvkoGpXnrzgokvAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:29:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:29:01.152248 2025] [security2:error] [pid 19167:tid 19167] [client 209.50.178.248:10621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ahelfrick.com"] [uri "/.svn/wc.db"] [unique_id "aSU-nU8t5TknlzSYu9vU4gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:07:09 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:07:03.179576 2025] [security2:error] [pid 17461:tid 17461] [client 209.50.178.248:17297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rx.waggonerfinancial.com"] [uri "/.git/HEAD"] [unique_id "aSU5dxUrq_LaArMLCGDn9gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:30:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:30:07.226214 2025] [security2:error] [pid 13895:tid 13914] [client 209.50.178.248:58719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.exedesalesteam.com"] [uri "/.env"] [unique_id "aSUwz8qATJ-N2rrGOLZ9dwAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:04:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.178.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:04:31.805842 2025] [security2:error] [pid 26948:tid 26948] [client 209.50.178.248:58775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xmas.martinka.org"] [uri "/.env"] [unique_id "aSUqz0UuAjgQis-TL5TioQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.205

🇳🇬 102.88.137.80

🇺🇸 100.28.153.226

🇸🇬 43.156.224.215

🇲🇽 187.224.155.128

🇫🇮 185.148.3.33

🇺🇦 185.17.125.181

🇺🇸 162.216.150.185

🇺🇸 66.132.195.41

🇺🇸 65.79.176.49

🇳🇱 45.148.10.151

🇻🇪 38.252.185.128

🇨🇳 14.109.226.207

🇺🇸 2600:1f18:3120:f500:afbb:342d:de48:6bc

🇺🇸 2001:470:1:fb5::180

🇬🇧 217.154.35.203

🇬🇩 199.223.251.69

🇺🇸 172.185.54.244

🇺🇸 147.185.132.151

🇸🇬 145.223.130.128