JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.161.2

209.50.161.2 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.161.2

Whois 209.50.161.2

IP Abuse Reports for 209.50.161.2:

This IP address has been reported a total of 28 times from 13 distinct sources. 209.50.161.2 was first reported on September 29th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-05-15 22:00:28 (3 weeks ago)	wp-login attack [15/May/2026:20:54:10	Brute-Force Web App Attack
Anonymous	2025-12-09 14:14:29 (5 months ago)	botnet	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:57 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇷🇸 Smel	2025-11-26 11:18:27 (6 months ago)	Unauthorized Probe/Connection, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2025-11-26 09:36:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:36:49.942288 2025] [security2:error] [pid 3793064:tid 3793095] [client 209.50.161.2:58039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "61deep.iancaird.com"] [uri "/.env"] [unique_id "aSbKMcImjdfZpXBWNqQKhwAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:33:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:32:56.243711 2025] [security2:error] [pid 13860:tid 13860] [client 209.50.161.2:14897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.boliviapuertapuerta.com"] [uri "/.env"] [unique_id "aSafGEHBBKn1e_nrNvmr3AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:25:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:24:58.956861 2025] [security2:error] [pid 31842:tid 31842] [client 209.50.161.2:47505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.blockadegc.com"] [uri "/.git/HEAD"] [unique_id "aSZzCh0dd5ZemXFx42cmggAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:24:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:24:30.458359 2025] [security2:error] [pid 23396:tid 23396] [client 209.50.161.2:25753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.uglykid.net"] [uri "/.svn/wc.db"] [unique_id "aSZk3lpabAgOPDYPbrk0hwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:00:54 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:00:49.282048 2025] [security2:error] [pid 21273:tid 21273] [client 209.50.161.2:24887] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.investorsgeorgia.usaangelinvestors.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.investorsgeorgia.usaangelinvestors.com"] [uri "/.svn/wc.db"] [unique_id "aSZfUSZb8iTi6COcVkrL4QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:13:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:12:59.876958 2025] [security2:error] [pid 18130:tid 18130] [client 209.50.161.2:34363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.newlifecommunitycare.org"] [uri "/.git/HEAD"] [unique_id "aSZUGwV5GuYJG2hwZOTySQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:09:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:08:56.494882 2025] [security2:error] [pid 9739:tid 9739] [client 209.50.161.2:33007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thenitecapsbluesband.com"] [uri "/.env"] [unique_id "aSZFGLB-1WYad18gV2VauAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Rosh	2025-11-25 02:28:04 (6 months ago)	[11/25/25 03:28:04] Unauthorized request HTTP/1.1 404 on port 80	Hacking Web App Attack
Anonymous	2025-11-14 05:34:37 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-17 18:34:52 (7 months ago)	GlobalProtect login attempts with user osalami.	VPN IP Brute-Force
Anonymous	2025-10-17 11:24:47 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇵🇦 190.32.246.14

🇨🇳 58.48.170.235

🇳🇱 45.148.10.157

🇺🇸 216.73.216.228

🇵🇰 160.250.51.91

🇭🇰 103.97.177.49

🇮🇳 82.38.235.52

🇳🇱 45.148.10.141

🇺🇸 43.166.171.203

🇮🇳 2a02:4780:11:1357:0:2941:f5fc:1

🇩🇪 217.160.78.84

🇩🇪 193.36.84.88

🇧🇩 118.179.184.23

🇧🇩 103.153.110.190

🇻🇳 103.24.245.67

🇱🇹 81.30.98.62

🇳🇱 81.19.216.104

🇳🇱 45.153.34.112

🇻🇪 190.120.249.64