JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.161.3

209.50.161.3 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.161.3

Whois 209.50.161.3

IP Abuse Reports for 209.50.161.3:

This IP address has been reported a total of 17 times from 8 distinct sources. 209.50.161.3 was first reported on September 29th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2025-12-12 08:50:05 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-12-11 15:24:54 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 04:15:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:15:34.062662 2025] [security2:error] [pid 23700:tid 23700] [client 209.50.161.3:26463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.securitymontana.com"] [uri "/.svn/wc.db"] [unique_id "aSUtZhxNJtn_YmEzMom5qAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:25:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:25:10.158524 2025] [security2:error] [pid 12949:tid 12949] [client 209.50.161.3:22121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.investmentprotectionservices.com"] [uri "/.env"] [unique_id "aSUhlqweckxp693zkuegBAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:54:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:53:59.073096 2025] [security2:error] [pid 22540:tid 22540] [client 209.50.161.3:34681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "surfsideautomotive.rosemeadefarms.com"] [uri "/.git/HEAD"] [unique_id "aSUaRzxmh1iRvO-B-CK2uQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:30:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:30:16.636496 2025] [security2:error] [pid 14497:tid 14497] [client 209.50.161.3:29385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lonescouting.us"] [uri "/.svn/wc.db"] [unique_id "aSUUuOLt5KOAUFKJxnqjvgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:42.586689 2025] [security2:error] [pid 18352:tid 18352] [client 209.50.161.3:21687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.partybussantafe.com"] [uri "/.svn/wc.db"] [unique_id "aSUOQhEk9YI35IXpi3XqMgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:36:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:36:52.642184 2025] [security2:error] [pid 29990:tid 29990] [client 209.50.161.3:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.empoweruamerica.org"] [uri "/.svn/wc.db"] [unique_id "aST6JH15nMljleSWPV0coQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-11-25 00:21:57 (6 months ago)	Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: hwagm.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /.git/HEAD Request Query: Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: US Method: GET Timestamp: 2025-11-25T00:21:57Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇦 wil.com	2025-10-14 14:50:44 (7 months ago)	GlobalProtect login attempts with user katelyncoincon.	VPN IP Brute-Force
🇧🇷 hostseries	2025-10-12 04:23:21 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-10-07 04:06:15 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-03 11:54:56 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-03 01:50:29 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-02 01:53:27 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.02 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.02 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.244.179

🇧🇭 88.201.83.24

🇩🇪 130.61.152.179

🇵🇰 111.92.151.14

🇮🇩 103.90.67.84

🇮🇳 103.58.251.229

🇮🇷 89.42.151.169

🇱🇹 81.30.98.62

🇹🇿 41.59.184.147

🇳🇱 31.56.233.153

🇬🇧 31.14.254.80

🇮🇳 209.38.122.178

🇷🇺 178.176.224.83

🇧🇷 168.0.82.255

🇨🇦 167.114.139.244

🇮🇳 122.168.123.73

🇰🇷 118.39.230.40

🇰🇭 110.235.247.149

🇵🇰 103.166.151.34

🇧🇩 103.112.207.254