JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.166.146

209.50.166.146 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.166.146

Whois 209.50.166.146

IP Abuse Reports for 209.50.166.146:

This IP address has been reported a total of 33 times from 17 distinct sources. 209.50.166.146 was first reported on September 27th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 02:58:11 (6 hours ago)	Web App Attack	Web App Attack
🇦🇺 MAGIC	2026-06-16 02:05:57 (4 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Sklurk	2026-06-11 11:57:35 (1 week ago)	Web App Attack	Web App Attack
🇪🇸 librebit	2026-05-18 00:00:19 (1 month ago)	Brute force	Brute-Force
🇺🇸 LSPCCU	2026-05-06 14:33:53 (1 month ago)	TSEC Honeypot Network report. Threat score: 70/100. Categories: Hacking. Honeypot: ssh-telnet, cowri ... show more TSEC Honeypot Network report. Threat score: 70/100. Categories: Hacking. Honeypot: ssh-telnet, cowrie. Context: 209. show less	Hacking
🇺🇸 cyfordtechnologies.com	2026-05-03 04:08:42 (1 month ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇫🇷 COMAITE	2026-03-21 07:24:57 (2 months ago)	SQL injection attempt from 209.50.166.146.	Web App Attack
🇳🇱 Savvii	2026-03-20 04:21:06 (3 months ago)	20 attempts against mh-misbehave-ban on sonic	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 07:38:55 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 02:38:50.703215 2026] [security2:error] [pid 16778:tid 16778] [client 209.50.166.146:45761] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZgPim0ggi6zU9NOpkeHAwAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:56 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-02 17:43:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:43:03.575711 2025] [security2:error] [pid 20398:tid 20424] [client 209.50.166.146:49001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beelineproductions.com"] [uri "/.svn/wc.db"] [unique_id "aS8lJ6OfRMcTQYteT7iZkQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 17:42:10 (6 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:42:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:42:39.866983 2025] [security2:error] [pid 6345:tid 6345] [client 209.50.166.146:52043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestrestaurants.com"] [uri "/.svn/wc.db"] [unique_id "aS8I7_Fvz0Yyo-ct30Ha6AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:56:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:56:31.247735 2025] [security2:error] [pid 20588:tid 20588] [client 209.50.166.146:33147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wedeliverstrippers.com"] [uri "/.env"] [unique_id "aS7h_8G77vodhQa8BK3vyQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:05.756523 2025] [security2:error] [pid 31624:tid 31624] [client 209.50.166.146:21441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidocchino.com"] [uri "/.git/HEAD"] [unique_id "aS6bHQfGGt7JhxSEoeT1gAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.72.44

🇺🇾 200.71.13.21

🇧🇷 187.63.32.14

🇮🇩 103.114.52.103

🇷🇴 80.94.92.166

🇺🇸 66.132.186.229

🇷🇺 45.92.177.110

🇺🇸 44.52.121.22

🇬🇧 35.203.210.247

🇺🇸 34.68.88.27

🇺🇸 216.126.34.25

🇷🇴 193.46.255.86

🇻🇪 190.199.81.228

🇺🇸 172.252.192.204

🇷🇺 171.22.133.82

🇮🇩 154.22.217.169

🇨🇳 124.128.87.251

🇳🇬 105.112.117.42

🇫🇷 88.189.21.102

🇰🇷 61.85.216.168