JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.166.240

209.50.166.240 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.166.240

Whois 209.50.166.240

IP Abuse Reports for 209.50.166.240:

This IP address has been reported a total of 12 times from 6 distinct sources. 209.50.166.240 was first reported on September 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cyfordtechnologies.com	2026-03-21 07:45:08 (2 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 11:49:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 06:49:01.327201 2025] [security2:error] [pid 1592:tid 1592] [client 209.50.166.240:15491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "endersworkshop.com"] [uri "/.svn/wc.db"] [unique_id "aVJqrTRlFa8GQqie0z1idAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:48:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:48:09.587164 2025] [security2:error] [pid 10444:tid 10444] [client 209.50.166.240:51831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "delta-pizza.com"] [uri "/.git/HEAD"] [unique_id "aVJASXBT07Fmucjj5keOQwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:25:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:25:19.824222 2025] [security2:error] [pid 31056:tid 31056] [client 209.50.166.240:18875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jennifergiesler.com"] [uri "/.svn/wc.db"] [unique_id "aVIez0rv7oUn37MzbnjR0gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:55:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:55:08.857115 2025] [security2:error] [pid 24774:tid 24774] [client 209.50.166.240:52011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bwmurphy.com"] [uri "/.git/HEAD"] [unique_id "aVIXvGlWHYlEzi9tZ54BaQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:00:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.166.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:00:10.418720 2025] [security2:error] [pid 2466546:tid 2466572] [client 209.50.166.240:12001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dontbeajerklikeyourwork.com"] [uri "/.svn/wc.db"] [unique_id "aVIK2pbYT4ZAMDUtuQ28TwAAAVg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 05:00:17 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-11-13 20:52:34 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-29 00:07:54 (7 months ago)	GlobalProtect login attempts with user mseemar.	VPN IP Brute-Force
Anonymous	2025-10-07 08:49:16 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-30 14:39:06 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-27 10:32:28 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.40

🇯🇵 207.56.229.243

🇨🇳 171.211.125.105

🇺🇸 161.35.53.219

🇺🇸 143.42.173.60

🇨🇳 121.41.167.124

🇨🇳 117.72.64.105

🇨🇳 111.228.33.68

🇷🇴 80.94.92.184

🇺🇸 66.132.172.251

🇨🇳 14.103.111.167

🇷🇴 2.57.121.25

🇬🇧 212.227.125.15

🇨🇳 180.100.198.68

🇺🇦 176.103.25.3

🇲🇾 117.53.155.161

🇭🇰 103.149.26.230

🇺🇸 45.56.85.254

🇬🇧 35.203.211.226

🇺🇸 2602:fb54:1a00::95