JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 50.116.58.253

50.116.58.253 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 89%: ?

89%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	50-116-58-253.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇺🇸 United States of America
City	Cedar Knolls, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 50.116.58.253

Whois 50.116.58.253

IP Abuse Reports for 50.116.58.253:

This IP address has been reported a total of 70 times from 37 distinct sources. 50.116.58.253 was first reported on May 18th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-04 01:30:18 (17 hours ago)	Blocked by UFW (TCP on 443) Source port: 53208 TTL: 48 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 53208 TTL: 48 Packet length: 60 TOS: 0x08 This report (for 50.116.58.253) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-03 05:51:54 (1 day ago)		Port Scan
Anonymous	2026-06-01 20:43:23 (2 days ago)		Port Scan
🇺🇸 MakoWish	2026-05-31 06:24:27 (4 days ago)	Fuzzing for misconfigured web servers.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 05:00:34 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 50.116.58.253 (50-116-58-253.ip.linodeuserconte ... show more (mod_security) mod_security (id:210492) triggered by 50.116.58.253 (50-116-58-253.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 01:00:28.054373 2026] [security2:error] [pid 27237:tid 27237] [client 50.116.58.253:38586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/wp-content/plugins/wp-responsive-images/image_handler.php"] [unique_id "ahvAbH46jXL_BFSI24pgFgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-30 17:34:42 (5 days ago)	Web vulnerability probing: /session	Web App Attack
🇺🇸 mw	2026-05-30 00:00:32 (5 days ago)	GET /wp-admin/admin-ajax.php?action=heartbeat&kc_us_dismiss_admin_notice=1&option_name=bfcm_2025_off ... show more GET /wp-admin/admin-ajax.php?action=heartbeat&kc_us_dismiss_admin_notice=1&option_name=bfcm_2025_offer&redirect_to=https://interact.sh HTTP/1.1 show less	Web App Attack
🇺🇸 ersei.net	2026-05-28 00:07:39 (1 week ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇺🇸 masterguru	2026-05-27 10:06:44 (1 week ago)	Host header is a numeric IP address. Pattern match "^ (920350-163)	Hacking Bad Web Bot
🇺🇸 Ar1s	2026-05-23 01:19:27 (1 week ago)	[1:2016935] ET WEB_SERVER SQL Injection Select Sleep Time Delay ::: Port: 80/TCP	Exploited Host
🇺🇸 Starburst SysOp Team	2026-05-22 18:50:49 (1 week ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-13)	Hacking Bad Web Bot
🇺🇸 brantknudson.org	2026-05-21 04:42:35 (2 weeks ago)	Not GET, path='HEAD / HTTP/1.1'	Web App Attack Hacking
🇺🇸 masterguru	2026-05-20 14:06:35 (2 weeks ago)	Host header is a numeric IP address. Pattern match "^ (920350-164)	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-20 07:55:10 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 50.116.58.253 (50-116-58-253.ip.linodeuserconte ... show more (mod_security) mod_security (id:210492) triggered by 50.116.58.253 (50-116-58-253.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 03:55:03.762264 2026] [security2:error] [pid 23090:tid 23090] [client 50.116.58.253:36342] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.202"] [uri "/wp-content/plugins/wp-responsive-images/image_handler.php"] [unique_id "ag1o1-GQRUM0JIxkTMI8SwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 jhuisi	2026-05-19 23:57:14 (2 weeks ago)	Mod Security Hit	Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.238

🇲🇽 186.96.145.241

🇺🇸 172.110.223.143

🇷🇴 92.118.39.236

🇳🇱 45.148.10.157

🇨🇳 222.222.124.164

🇭🇰 220.246.42.212

🇺🇸 207.241.173.115

🇷🇺 93.190.227.136

🇩🇪 77.11.20.31

🇺🇸 67.20.116.98

🇰🇷 64.110.90.250

🇭🇰 47.76.34.40

🇳🇱 45.148.10.178

🇳🇱 45.148.10.152

🇳🇱 45.148.10.151

🇬🇧 35.203.211.17

🇩🇪 167.94.145.30

🇺🇸 85.239.151.41

🇺🇸 84.233.212.69