JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.161.12

209.50.161.12 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.161.12

Whois 209.50.161.12

IP Abuse Reports for 209.50.161.12:

This IP address has been reported a total of 17 times from 9 distinct sources. 209.50.161.12 was first reported on September 26th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-01-14 00:30:53 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-30.209.50.161.12.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-30.209.50.161.12.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 iNetWorker	2025-12-30 11:47:06 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 12:26:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 07:26:01.627956 2025] [security2:error] [pid 24308:tid 24308] [client 209.50.161.12:42765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elenius.com"] [uri "/.git/HEAD"] [unique_id "aVJzWTNNWeXOAsv4fzvYHwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 09:20:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:20:07.448945 2025] [security2:error] [pid 6435:tid 6459] [client 209.50.161.12:33237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "transitionalcareservices.com"] [uri "/.env"] [unique_id "aVJHx5gf3t6w2YZwEdm9zQAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇮🇹 VHosting	2025-12-23 16:50:08 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 05:43:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:43:15.691684 2025] [security2:error] [pid 12291:tid 12291] [client 209.50.161.12:18963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.chrisbilder.com"] [uri "/.svn/wc.db"] [unique_id "aSPwcxtM0_OtGM0neUqz3QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:15:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:15:14.365863 2025] [security2:error] [pid 25027:tid 25027] [client 209.50.161.12:59763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adlabsnetworks.net"] [uri "/.svn/wc.db"] [unique_id "aSPp4i-n6d_j1ig3aWUdVQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:46:27 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇭🇺 zolav8	2025-11-08 04:47:09 (7 months ago)	SQL injection / web attack attempt	Hacking SQL Injection
🇨🇦 wil.com	2025-10-18 03:07:30 (7 months ago)	GlobalProtect login attempts with user mymiller.	VPN IP Brute-Force
🇺🇸 TPI-Abuse	2025-10-09 09:04:07 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 209.50.161.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 05:04:02.603252 2025] [security2:error] [pid 8937:tid 8937] [client 209.50.161.12:20827] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|192.64.150.251:443\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "192.64.150.251"] [uri "/"] [unique_id "aOd6gtLoc-EJnLUIUlRGPAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-07 16:39:05 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-01 16:31:10 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.01 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-30 06:46:28 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.43

🇮🇩 125.163.112.234

🇫🇷 77.32.149.6

🇺🇸 66.132.195.31

🇧🇪 46.183.187.213

🇷🇺 46.161.50.109

🇪🇨 45.224.97.241

🇺🇸 195.210.125.6

🇩🇪 157.230.23.114

🇦🇺 124.150.139.84

🇺🇸 74.7.228.199

🇲🇾 47.250.143.170

🇵🇰 223.123.72.61

🇨🇳 175.148.152.252

🇺🇸 172.68.150.214

🇺🇸 165.227.73.104

🇮🇳 157.45.235.24

🇵🇰 153.117.34.237

🇳🇱 87.121.69.138

🇩🇪 69.5.169.178