JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.160.112

209.50.160.112 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.160.112

Whois 209.50.160.112

IP Abuse Reports for 209.50.160.112:

This IP address has been reported a total of 25 times from 13 distinct sources. 209.50.160.112 was first reported on September 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-14 00:00:55 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-04-12 06:19:36 (1 month ago)	Attempt to scan vulnerabilities	Hacking
🇺🇸 findlab	2026-01-09 09:20:04 (5 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 17:51:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 12:51:29.016268 2026] [security2:error] [pid 7816:tid 7816] [client 209.50.160.112:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "upskirtcrazy.com"] [uri "/.git/HEAD"] [unique_id "aV6dITkDWKtWO4MBjQaacwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-12-30 21:23:56 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-30 10:22:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:21:38.509106 2025] [security2:error] [pid 23168:tid 23168] [client 209.50.160.112:57727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.trafficstopper.com"] [uri "/.env"] [unique_id "aVOnsgDtF2L6DiALUhb5nQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 14:20:32 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-12 00:26:13 (6 months ago)	botnet	DDoS Attack
🇺🇸 nowyouknow	2025-12-08 19:04:49 (6 months ago)	(From [email protected]) Interested in sending more people to sandyplai ... show more (From [email protected]) Interested in sending more people to sandyplainschiro.com? Begin now: https://rb.gy/p82gvr show less	Phishing Web Spam
🇺🇸 nowyouknow	2025-11-29 08:47:17 (6 months ago)	(From [email protected]) Ready to see poweroflifedartmouth.com traffic g ... show more (From [email protected]) Ready to see poweroflifedartmouth.com traffic grow fast? Open here: https://rb.gy/p82gvr show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-25 07:01:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:01:28.538978 2025] [security2:error] [pid 28997:tid 28997] [client 209.50.160.112:38741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.johnbentley.info"] [uri "/.env"] [unique_id "aSVUSIR2BmerXCT7rk-O0QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:47:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:47:45.574476 2025] [security2:error] [pid 18394:tid 18394] [client 209.50.160.112:23081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.imbrasacademic.com"] [uri "/.env"] [unique_id "aSP_kRqEPy4PYXdkslhS3AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:55:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:55:36.614666 2025] [security2:error] [pid 2893:tid 2897] [client 209.50.160.112:57275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.spiritualchristian.com"] [uri "/.env"] [unique_id "aSPJKCZWVzJkk5khHgNSgQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 02:52:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 21:52:45.808885 2025] [security2:error] [pid 17690:tid 17690] [client 209.50.160.112:48579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.demodextreatments.com"] [uri "/.env"] [unique_id "aRk8fbFy9bFY0S5-hSyQQwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 spamverify.com	2025-11-03 00:43:38 (7 months ago)	Honeypot Hit: Contact Form	Web Spam Blog Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 199.30.231.6

🇻🇳 171.231.192.219

🇭🇰 101.36.111.86

🇺🇸 64.62.197.197

🇨🇳 47.95.234.23

🇧🇪 35.205.10.253

🇧🇪 34.52.150.213

🇸🇬 156.67.217.179

🇫🇷 85.217.140.41

🇩🇪 69.5.169.175

🇺🇸 66.132.224.20

🇳🇱 45.148.10.157

🇩🇪 213.209.159.225

🇦🇪 92.99.170.217

🇵🇱 91.246.208.85

🇺🇸 69.12.64.60

🇺🇸 64.62.197.44

🇸🇬 47.84.98.4

🇬🇧 35.203.211.121

🇮🇹 151.38.10.64