JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.160.116

209.50.160.116 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.160.116

Whois 209.50.160.116

IP Abuse Reports for 209.50.160.116:

This IP address has been reported a total of 21 times from 11 distinct sources. 209.50.160.116 was first reported on September 28th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-22 19:17:44 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-21 05:55:07 (1 week ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-05-13 22:02:25 (1 month ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇮🇹 VHosting	2025-12-23 11:08:25 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 10:41:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 05:41:44.201420 2025] [security2:error] [pid 28398:tid 28398] [client 209.50.160.116:31061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumehair239.com"] [uri "/.env"] [unique_id "aTlOaLzGbepXUA7NXSYFiwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 04:52:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 23:52:12.929452 2025] [security2:error] [pid 21962:tid 21987] [client 209.50.160.116:55263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rogamur.com"] [uri "/.git/HEAD"] [unique_id "aTZZfBqGIUyRhVNW26xiRQAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:48:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:47:59.397577 2025] [security2:error] [pid 11493:tid 11493] [client 209.50.160.116:54039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mfleetservice.com"] [uri "/.git/HEAD"] [unique_id "aTMMvzPlg1f35nUpMW2FRwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:45:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:45:17.528557 2025] [security2:error] [pid 31646:tid 31646] [client 209.50.160.116:57845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "johnsoncityjudo.com"] [uri "/.env"] [unique_id "aTLFzVz_XGhVHVYJXbgPbQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:59:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:59:49.697327 2025] [security2:error] [pid 17412:tid 17412] [client 209.50.160.116:42397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cesmat.com"] [uri "/.svn/wc.db"] [unique_id "aTJYtXqdlO33y_C0NRwMCgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-04 16:14:12 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-28 00:03:21 (7 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-11-21 06:00:29 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 11/21/2025 6:00 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2025-11-14 00:36:18 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-16 20:02:24 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-16 04:46:45 (8 months ago)	GlobalProtect login attempts with user aldersonelem.	VPN IP Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.88

🇮🇳 143.110.183.139

🇰🇭 124.248.167.82

🇨🇳 111.113.88.183

🇮🇳 103.160.209.101

🇩🇪 47.245.131.184

🇺🇸 43.130.49.245

🇻🇪 201.249.87.201

🇦🇷 186.123.101.50

🇺🇸 172.64.217.97

🇺🇸 143.110.150.252

🇸🇬 103.187.146.90

🇷🇺 79.111.229.156

🇮🇹 72.146.2.133

🇩🇪 69.5.169.11

🇺🇸 64.62.156.63

🇫🇮 46.62.153.77

🇩🇪 2.27.20.149

🇺🇸 172.64.217.3

🇺🇸 172.64.217.2