JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.241

209.50.163.241 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 68%: ?

68%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.241

Whois 209.50.163.241

IP Abuse Reports for 209.50.163.241:

This IP address has been reported a total of 37 times from 21 distinct sources. 209.50.163.241 was first reported on September 26th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:49:11 (1 day ago)	Web App Attack	Web App Attack
🇩🇪 LRob.fr	2026-06-22 19:18:25 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-19 00:09:01 (5 days ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx01,mx03]	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-18 09:06:02 (6 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇳🇱 MM-bot	2026-06-18 07:07:17 (6 days ago)	URL-probe: HTTP/1.1 GET request on /.git/config (2026-06-18 09:07:17 UTC+2)	Web App Attack Hacking
🇬🇧 thetomtaylor.co.uk	2026-06-18 07:05:04 (6 days ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [wa01]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:16:34 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:16:28.685124 2026] [security2:error] [pid 3305:tid 3327] [client 209.50.163.241:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raytbrown.com"] [uri "/.git/config"] [unique_id "ajN_LMxAyEtLEjNctqzX8QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 omartin	2026-06-18 04:31:20 (6 days ago)	Critical Vulnerability Scan detected	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 4server	2026-06-18 02:50:10 (6 days ago)	[ThuJun1804:50:05.5118962026][security2:error][pid106164:tid106186][client209.50.163.241:0]ModSecuri ... show more [ThuJun1804:50:05.5118962026][security2:error][pid106164:tid106186][client209.50.163.241:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"jrtradeinnovation.ch\"][uri\"/.git/config\"][unique_id\"ajNc3UTMQGv-cDdtoKU8XAAAAJM\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 02:42:49 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.241 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 22:42:43.653555 2026] [security2:error] [pid 25119:tid 25119] [client 209.50.163.241:51709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jcbergapparel.com"] [uri "/.git/config"] [unique_id "ajNbI4nBuKsd0jb-_p-NAwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-18 02:18:14 (6 days ago)	[ThuJun1804:18:08.6114782026][security2:error][pid3970104:tid3971782][client209.50.163.241:0]ModSecu ... show more [ThuJun1804:18:08.6114782026][security2:error][pid3970104:tid3971782][client209.50.163.241:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"hostingedomini.ch\"][uri\"/.git/config\"][unique_id\"ajNVYHnejgiiOiEk64NpfgAAARY\"] show less	Hacking Web App Attack
🇺🇸 mnsf	2026-06-18 02:05:15 (6 days ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇦🇺 2000cn.com.au	2026-06-18 01:54:47 (6 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇳🇱 wlt-blocker	2026-06-18 01:48:06 (6 days ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 FeG Deutschland	2026-06-18 01:25:27 (6 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 185.197.9.249

🇧🇪 185.190.86.25

🇳🇱 176.65.139.181

🇺🇸 107.150.98.168

🇺🇸 71.6.199.87

🇺🇸 66.132.195.22

🇺🇸 47.89.148.254

🇺🇸 40.90.234.147

🇺🇸 3.237.27.177

🇬🇧 2a0b:4140:103b::2

🇨🇱 201.94.149.109

🇵🇰 154.192.112.178

🇵🇰 153.117.1.166

🇺🇸 142.251.153.1

🇧🇷 118.26.105.52

🇮🇳 117.193.8.121

🇨🇦 85.217.149.40

🇺🇸 70.166.167.44

🇺🇸 66.132.186.137

🇮🇶 65.20.179.251