JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.160

209.50.164.160 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.160

Whois 209.50.164.160

IP Abuse Reports for 209.50.164.160:

This IP address has been reported a total of 24 times from 16 distinct sources. 209.50.164.160 was first reported on September 28th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 anycast_ac	2026-06-19 11:29:52 (1 week ago)	[DDoS Attacker] This IP was attacking website anycast.ac and sent 1710 requests on port 443	DDoS Attack Web App Attack
🇩🇪 anycast_ac	2026-06-18 16:15:34 (1 week ago)	[DDoS Attacker] This IP was attacking website anycast.ac and sent 770 requests on port 443	DDoS Attack Web App Attack
🇳🇱 MatStef132	2026-05-19 20:59:02 (1 month ago)	MatShield L7: blocked on dstat.selify.io (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-19 20:55:42 (1 month ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-15 13:30:00 (1 month ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (1 month ago)	[mathost.eu] clic	DDoS Attack Bad Web Bot Web App Attack
Anonymous	2025-12-09 02:48:46 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:43:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:43:13.736068 2025] [security2:error] [pid 21172:tid 21172] [client 209.50.164.160:44079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.washburn-books.com"] [uri "/.env"] [unique_id "aSQMkcpXzhKEg_Y3cJ38PgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:37:06 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:36:59.421868 2025] [security2:error] [pid 30420:tid 30420] [client 209.50.164.160:37147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrejblatnik.com"] [uri "/.svn/wc.db"] [unique_id "aSP9C66rG166mHSrl7ZMvgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:17.049371 2025] [security2:error] [pid 11585:tid 11585] [client 209.50.164.160:37385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.basse.lahamradio.com"] [uri "/.svn/wc.db"] [unique_id "aSPa5XjJrJUJNXrbPECAiwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ingroscart.it	2025-11-24 02:25:32 (7 months ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 209.50.164.160 (US/Unite ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 209.50.164.160 (US/United States/-) show less	Port Scan
🇬🇧 Apache	2025-11-23 14:24:50 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.164.160 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:210730) triggered by 209.50.164.160 (US/United States/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
Anonymous	2025-11-07 07:16:11 (7 months ago)	[redacted] 209.50.164.160 - - [07/Nov/2025:08:15:56 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" " ... show more [redacted] 209.50.164.160 - - [07/Nov/2025:08:15:56 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (compatible; Konqueror/3.2; Linux) (KHTML, like Gecko)" [redacted] 209.50.164.160 - - [07/Nov/2025:08:15:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13E188a Safari/601.1" [redacted] 209.50.164.160 - - [07/Nov/2025:08:15:59 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36" [redacted] 209.50.164.160 - - [07/Nov/2025:08:16:00 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4" [redacted] 209.50.164.160 - - [07/Nov/2025:08:16:02 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (Lin ... show less	Hacking Web App Attack
🇩🇪 Marc	2025-10-29 18:51:18 (7 months ago)		Brute-Force Web App Attack
Anonymous	2025-10-16 12:47:57 (8 months ago)	Dictionary attack on Palo Alto GlobalProtect VPN portal (port 443) detected via repeated login failu ... show more Dictionary attack on Palo Alto GlobalProtect VPN portal (port 443) detected via repeated login failures with varying usernames. show less	Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:96:a005::239

🇺🇸 34.162.70.132

🇨🇳 8.138.228.91

🇮🇹 4.232.94.242

🇨🇳 218.13.141.86

🇸🇪 193.235.22.242

🇺🇸 147.185.132.79

🇸🇬 104.207.76.183

🇳🇱 88.151.33.203

🇫🇷 85.217.140.39

🇨🇳 42.236.211.102

🇺🇸 20.29.23.70

🇯🇵 8.209.212.42

🇮🇳 2402:8100:2dd8:8221:89a7:9fed:9546:3ccc

🇪🇸 212.227.235.203

🇳🇱 195.178.110.228

🇮🇳 66.116.205.19

🇺🇸 193.3.53.6

🇺🇸 162.216.149.252

🇺🇸 152.32.205.153