JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.166.130

209.50.166.130 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 62%: ?

62%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.166.130

Whois 209.50.166.130

IP Abuse Reports for 209.50.166.130:

This IP address has been reported a total of 37 times from 21 distinct sources. 209.50.166.130 was first reported on September 26th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-18 07:25:16 (3 days ago)	[ThuJun1809:25:13.3366912026][security2:error][pid4115548:tid4115556][client209.50.166.130:0]ModSecu ... show more [ThuJun1809:25:13.3366912026][security2:error][pid4115548:tid4115556][client209.50.166.130:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"traslochiamo.ch\"][uri\"/.git/config\"][unique_id\"ajOdWWvrUAY70g4k90XPKwAAAEU\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 ambor	2026-06-18 06:59:30 (3 days ago)	Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Mozill ... show more Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3876.0 Safari/537.36 show less	Web App Attack
🇩🇪 HERA - Operations	2026-06-18 06:13:55 (3 days ago)	sensobox - searching for vulnerable scripts: config 2026/06/18 08:13:55	Web App Attack
🇩🇪 webko.si	2026-06-18 05:24:14 (3 days ago)	pridenmozic.si: Bruteforce web app access, URI detail: '/.git/config'.	Web App Attack
🇧🇪 voormedia	2026-06-18 04:51:41 (3 days ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 03:12:59 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:12:54.817376 2026] [security2:error] [pid 2716:tid 2716] [client 209.50.166.130:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/.git/config"] [unique_id "ajNiNgxe8AwM-LsCNMW29QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 ketovoila.pl	2026-06-18 03:11:18 (3 days ago)	ketovoila.pl web app secret/repository scan: hits=1; unique_paths=1; sample_paths=/.git/config; UA=" ... show more ketovoila.pl web app secret/repository scan: hits=1; unique_paths=1; sample_paths=/.git/config; UA="Screaming Frog SEO Spider/8.1"; window=2026-06-18T03:11:18Z..2026-06-18T03:11:18Z show less	Bad Web Bot Web App Attack
🇳🇴 jad-abuse	2026-06-18 01:25:25 (3 days ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 1 hits. show less	Web App Attack
🇺🇸 mnsf	2026-06-18 01:12:36 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-16 10:33:06 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Axel	2026-06-14 09:35:19 (1 week ago)	Blocked by UFW on MVI [443/tcp] \| SPT: 13339 \| TTL: 55 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [443/tcp] \| SPT: 13339 \| TTL: 55 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇪🇸 librebit	2026-05-17 04:24:27 (1 month ago)	Brute force	Brute-Force
Anonymous	2026-04-12 05:54:12 (2 months ago)	Attempt to scan vulnerabilities	Hacking
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇩🇪 F242	2026-01-30 05:22:43 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.232

🇨🇳 182.244.0.150

🇮🇩 108.136.131.13

🇧🇬 79.124.62.134

🇺🇸 24.9.62.92

🇮🇳 2405:201:200c:243:5843:d6e3:b8da:8dcf

🇨🇿 217.75.222.91

🇺🇸 216.180.246.183

🇬🇧 193.163.125.245

🇸🇪 193.105.134.97

🇳🇱 176.65.139.229

🇳🇱 176.65.132.17

🇺🇸 137.184.219.89

🇨🇳 111.12.152.230

🇳🇱 91.92.42.195

🇨🇦 85.217.149.32

🇺🇸 66.132.186.241

🇺🇸 43.153.35.128

🇬🇧 31.14.254.88

🇲🇴 182.93.50.90