JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.166.193

209.50.166.193 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.166.193

Whois 209.50.166.193

IP Abuse Reports for 209.50.166.193:

This IP address has been reported a total of 28 times from 13 distinct sources. 209.50.166.193 was first reported on September 27th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-13 01:58:35 (17 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇫🇷 pm33	2026-06-12 14:07:40 (1 day ago)	Wordpress login attempts	Brute-Force
🇺🇸 lostswordfish.com	2026-06-11 18:34:04 (2 days ago)	Wordfence waf block on pameganslaw	Web App Attack
🇫🇷 pm33	2026-06-10 16:22:22 (3 days ago)	Wordpress login attempts	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 nowyouknow	2026-01-25 06:08:42 (4 months ago)	(From [email protected]) Hello, My name is Charlotte Douglas with Unit ... show more (From [email protected]) Hello, My name is Charlotte Douglas with United Eletrical Contractor. As part of our Q1 Q2 2026 planning, we are exploring select business partnerships and advisory relationships and would welcome a brief discussion to assess potential alignment. Kind regards, Charlotte Douglas Project Executive United Eletrical Contractor show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-12-08 08:40:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 03:40:22.232041 2025] [security2:error] [pid 5780:tid 5780] [client 209.50.166.193:54345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sigridsnaturalfoods.com"] [uri "/.git/HEAD"] [unique_id "aTaO9q5BQeH3E6SilOigmgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-08 04:48:18 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-07 22:59:18 (6 months ago)	Auto-ban: >3000 req/min op 2025-12-07	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-06 11:25:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:25:53.553914 2025] [security2:error] [pid 12137:tid 12137] [client 209.50.166.193:23617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardath.net"] [uri "/.svn/wc.db"] [unique_id "aTQSwZgpuruq13DksLME2AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 12:34:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 07:34:08.709664 2025] [security2:error] [pid 29476:tid 29476] [client 209.50.166.193:37371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theyoungstrategist.com"] [uri "/.svn/wc.db"] [unique_id "aTLRQKvcVe5cb9SOYqfnwAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:12:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:12:19.820034 2025] [security2:error] [pid 17458:tid 17458] [client 209.50.166.193:36017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i4agency.com"] [uri "/.git/HEAD"] [unique_id "aTK-E7Me2cthgvQxp43Q_QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:12:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:12:19.512382 2025] [security2:error] [pid 23065:tid 23065] [client 209.50.166.193:46681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ismycorporationsafe.com"] [uri "/.env"] [unique_id "aTKwAyOGBGp5ygQpDH_ZyQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:31:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:31:49.478244 2025] [security2:error] [pid 2096:tid 2096] [client 209.50.166.193:50139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icaruscreativearts.com"] [uri "/.git/HEAD"] [unique_id "aTKYdZFrTz_GkJATIZ86ogAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:43:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:43:38.969550 2025] [security2:error] [pid 9697:tid 9697] [client 209.50.166.193:29905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "micahgartman.com"] [uri "/.svn/wc.db"] [unique_id "aTJxCse5vsN9j3xJjfNPBAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇷🇺 178.178.222.61

🇰🇷 119.203.251.187

🇳🇱 91.92.40.44

🇳🇱 45.148.10.183

🇺🇸 34.22.40.255

🇺🇸 2607:f8b0:4004:1009::124

🇲🇽 187.211.121.112

🇵🇰 139.135.59.251

🇨🇳 111.113.89.67

🇮🇪 54.216.69.173

🇳🇱 45.148.10.151

🇺🇸 20.150.193.141

🇸🇬 8.219.155.28

🇷🇴 2.57.121.112

🇧🇪 198.235.24.255

🇹🇹 170.82.209.175

🇺🇸 162.216.150.166

🇭🇰 156.245.239.180

🇧🇷 138.99.80.102