JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.161.76

209.50.161.76 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 74%: ?

74%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.161.76

Whois 209.50.161.76

IP Abuse Reports for 209.50.161.76:

This IP address has been reported a total of 55 times from 27 distinct sources. 209.50.161.76 was first reported on September 28th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-19 07:06:52 (1 hour ago)	Trying to access config files	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 06:27:05 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:27:02.225983 2026] [security2:error] [pid 22728:tid 22728] [client 209.50.161.76:50615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tankercontrol.com"] [uri "/.git/config"] [unique_id "ajOPttoSD-6bZm7MgvBLRwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 TheCoon	2026-06-18 06:15:01 (1 day ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇫🇮 kumiko	2026-06-18 06:05:09 (1 day ago)	[2026-06-18 09:05:09] Probing for dotfiles "GET /.git/config HTTP/1.1" 301	Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-18 05:27:15 (1 day ago)	[Thu Jun 18 15:27:14.157816 2026] [security2:error] [pid 481113] [client 209.50.161.76:19591] [clien ... show more [Thu Jun 18 15:27:14.157816 2026] [security2:error] [pid 481113] [client 209.50.161.76:19591] [client 209.50.161.76] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "rjryanpartners.com.au"] [uri "/.git/config"] [unique_id "ajOBsiXOADkpxnuY_1lv7AAAAAg"] ... show less	Web App Attack
Anonymous	2026-06-18 04:38:06 (1 day ago)	209.50.161.76 - - [18/Jun/2026:04:38:05 +0000] "GET /.git/config HTTP/1.1" 302 454 "-" "Mozilla/5.0 ... show more 209.50.161.76 - - [18/Jun/2026:04:38:05 +0000] "GET /.git/config HTTP/1.1" 302 454 "-" "Mozilla/5.0 (Linux; U; Android 8.1.0; en-us; Redmi 5 Plus Build/OPM1.171019.019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/10.9.7-g" ... show less	Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-06-18 04:21:04 (1 day ago)	dot file probe	Web App Attack
Anonymous	2026-06-18 03:36:45 (1 day ago)	209.50.161.76 - - [18/Jun/2026:11:36:45 +0800] "GET /.git/config HTTP/1.1" 301 240 "-" "Mozilla/5.0 ... show more 209.50.161.76 - - [18/Jun/2026:11:36:45 +0800] "GET /.git/config HTTP/1.1" 301 240 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-06-18 03:32:51 (1 day ago)	209.50.161.76 - - [18/Jun/2026:05:32:47 +0200] "GET /.git/config HTTP/1.1" 403 3821 "-" "Mozilla/5.0 ... show more 209.50.161.76 - - [18/Jun/2026:05:32:47 +0200] "GET /.git/config HTTP/1.1" 403 3821 "-" "Mozilla/5.0 (Windows NT 6.0; rv:14.0) Gecko/20100101 Firefox/14.0.1" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-18 03:05:31 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 02:55:22 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 209.50.161.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.161.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 22:55:15.862970 2026] [security2:error] [pid 23353:tid 23353] [client 209.50.161.76:41939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karsini-services.com"] [uri "/.git/config"] [unique_id "ajNeE1Xb7wiqZYZkIHNBGQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-06-18 01:37:46 (1 day ago)	Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ... show more Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Opera/9.5 (Microsoft Windows; PPC; Opera Mobi; U) SonyEricssonX1i/R2AA Profile/MIDP-2.0 Configuration/CLDC-1.1 show less	Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-18 01:25:04 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 Equity Steward	2026-06-18 01:13:57 (1 day ago)	Systematic automated scraping and endpoint enumeration against equitysteward.org. 1 offences recorde ... show more Systematic automated scraping and endpoint enumeration against equitysteward.org. 1 offences recorded. Trigger: Honeypot path accessed: /.git/config — deliberately ignored robots.txt Disallow directive.. Canary ref: 29f9dc03-1bf. show less	Web App Attack Bad Web Bot
🇺🇸 mnsf	2026-06-18 01:12:35 (1 day ago)	Abuse Detected (2)	Brute-Force Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.153.86.250

🇮🇶 185.166.25.150

🇻🇳 171.249.164.242

🇸🇪 171.25.158.74

🇺🇸 162.216.149.248

🇳🇱 45.148.10.240

🇬🇧 35.203.211.148

🇬🇧 35.203.211.101

🇺🇸 20.65.195.109

🇬🇧 217.146.80.107

🇺🇸 216.218.206.103

🇫🇷 207.180.249.54

🇧🇷 201.48.203.57

🇺🇸 162.216.150.131

🇨🇳 116.179.32.115

🇷🇴 80.94.95.173

🇺🇸 65.49.1.58

🇰🇿 37.151.47.27

🇯🇵 8.216.5.99

🇺🇸 208.84.102.181