JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.130

209.50.163.130 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.130

Whois 209.50.163.130

IP Abuse Reports for 209.50.163.130:

This IP address has been reported a total of 29 times from 11 distinct sources. 209.50.163.130 was first reported on September 30th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:55:23 (2 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 03:13:04 (5 days ago)	Web App Attack	Web App Attack
🇳🇱 DonAtari	2026-05-28 12:41:41 (3 weeks ago)	DShield firewall scan - TCP to port 9000	Brute-Force SSH
🇨🇭 backslash	2026-01-04 09:10:07 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2026-01-04 03:09:23 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (6 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
Anonymous	2025-12-01 15:53:51 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 11:20:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:20:42.176043 2025] [security2:error] [pid 2785776:tid 2785776] [client 209.50.163.130:37883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ipostsocialmedia.com"] [uri "/.git/HEAD"] [unique_id "aSbiirNlHQwzDCQd-pvyIwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:58:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:58:33.593506 2025] [security2:error] [pid 25046:tid 25046] [client 209.50.163.130:24223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "petroleum.ic1.biz"] [uri "/.git/HEAD"] [unique_id "aSbPSb8qERuumAW7iEYr1gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:40:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:40:55.149573 2025] [security2:error] [pid 24059:tid 24059] [client 209.50.163.130:34337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.manosentuayuda.org"] [uri "/.svn/wc.db"] [unique_id "aSag90eGb_XJ1gFtzlhluwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:53:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:53:08.713058 2025] [security2:error] [pid 1866:tid 1866] [client 209.50.163.130:10353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.latentpixel.com"] [uri "/.svn/wc.db"] [unique_id "aSaVxGI6fC31oDeFaY4EHQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:10:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:09:56.134657 2025] [security2:error] [pid 24291:tid 24291] [client 209.50.163.130:23045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.studio716.info"] [uri "/.env"] [unique_id "aSZFVEkgwQlNZAZRqsudNQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 SSH-Admin	2025-11-25 17:20:26 (6 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:09:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:09:29.160198 2025] [security2:error] [pid 3185:tid 3185] [client 209.50.163.130:59921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hkaida.com"] [uri "/.svn/wc.db"] [unique_id "aSVIGfT4lKrb9i5YkQUdggAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:57:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:57:05.694275 2025] [security2:error] [pid 27221:tid 27221] [client 209.50.163.130:59181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ainalea.com"] [uri "/.env"] [unique_id "aSUpEW4SQqEr86N29ODxXAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.209.76.203

🇫🇮 74.125.112.20

🇮🇳 52.172.177.191

🇱🇹 45.227.254.170

🇺🇸 35.227.123.178

🇺🇸 23.27.175.241

🇸🇬 172.253.84.211

🇧🇷 170.238.160.191

🇩🇪 104.28.164.209

🇺🇸 104.21.82.36

🇻🇳 103.69.85.64

🇩🇪 69.5.169.158

🇺🇸 66.132.186.231

🇳🇱 34.90.92.136

🇨🇳 221.227.226.188

🇨🇳 220.196.98.87

🇴🇲 206.167.33.157

🇳🇱 176.65.139.56

🇳🇱 176.65.139.36

🇮🇩 114.10.22.20