JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.120

209.50.164.120 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.120

Whois 209.50.164.120

IP Abuse Reports for 209.50.164.120:

This IP address has been reported a total of 28 times from 15 distinct sources. 209.50.164.120 was first reported on September 27th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-24 10:17:01 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 24 05:16:57.164494 2026] [security2:error] [pid 10030:tid 10030] [client 209.50.164.120:25641] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|havelocktruckandauto.ca\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "havelocktruckandauto.ca"] [uri "/html.sql"] [unique_id "aXScGUsDEIlrS6e4OR_agAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-16 14:34:39 (5 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-12-30 13:22:20 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	2025-12-30 08:35:17 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:29:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:29:50.618778 2025] [security2:error] [pid 13755:tid 13755] [client 209.50.164.120:36037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinebargainsuperstore.com"] [uri "/.git/HEAD"] [unique_id "aVIRzp8zvpMf9fxQEXay_gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:48:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:48:08.147730 2025] [security2:error] [pid 25646:tid 25646] [client 209.50.164.120:21787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xygil.com"] [uri "/.env"] [unique_id "aVH5-JH4MNQytuvvBY2LoQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:41:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:41:00.887240 2025] [security2:error] [pid 8017:tid 8017] [client 209.50.164.120:20529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.goepf.com"] [uri "/.svn/wc.db"] [unique_id "aSQoLHznWuxWapoTskxWRQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:30:56 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:30:52.268652 2025] [security2:error] [pid 23068:tid 23068] [client 209.50.164.120:49321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spicerreport.com"] [uri "/.svn/wc.db"] [unique_id "aSQJrDU_s5wo6OdGuSzLqQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:15:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:14:16.130846 2025] [security2:error] [pid 17611:tid 17611] [client 209.50.164.120:57155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "architx.com"] [uri "/.env"] [unique_id "aSQFyDZJXWOR9rvrKB6YRAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2025-11-24 06:28:28 (7 months ago)	2025-11-24 @ 07:28:27 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:11:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:11:07.250025 2025] [security2:error] [pid 27269:tid 27269] [client 209.50.164.120:37601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bizzmail.net"] [uri "/.git/HEAD"] [unique_id "aSP2-zPCtXu7wyPTm8MXrAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 06:00:00 (7 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:36:08 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:35:49.075644 2025] [security2:error] [pid 3965261:tid 3965322] [client 209.50.164.120:45647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aapm.info"] [uri "/.svn/wc.db"] [unique_id "aSPgpR7XGNzpCBYjvUvhRgAAAlc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2025-11-21 07:30:40 (7 months ago)	Web password guessing	Brute-Force
Anonymous	2025-11-14 02:12:53 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 155.103.69.40

🇬🇧 81.19.219.200

🇳🇱 195.178.110.217

🇬🇧 193.32.209.233

🇨🇱 190.20.74.142

🇦🇿 185.146.113.47

🇺🇦 185.12.142.241

🇩🇪 167.94.145.16

🇦🇪 86.96.98.179

🇮🇪 86.44.209.56

🇿🇦 84.8.134.143

🇬🇧 81.19.219.194

🇳🇱 81.19.216.94

🇳🇱 81.19.216.82

🇨🇳 58.255.237.48

🇸🇬 54.251.166.204

🇩🇪 8.211.12.88

🇨🇴 209.14.117.148

🇨🇱 200.86.254.21

🇮🇳 139.59.4.137