JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.30

209.50.168.30 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.30

Whois 209.50.168.30

IP Abuse Reports for 209.50.168.30:

This IP address has been reported a total of 24 times from 9 distinct sources. 209.50.168.30 was first reported on September 28th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-12 07:15:59 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 03:15:54.472603 2026] [security2:error] [pid 10198:tid 10198] [client 209.50.168.30:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "betiqos.com"] [uri "/.env"] [unique_id "agLTqgYj6vLgbjidK4xx-wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-16 17:54:02 (1 month ago)	Forum/form spam	Web Spam
Anonymous	2026-03-27 15:00:56 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 cyfordtechnologies.com	2026-03-22 19:41:43 (2 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:48:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:48:33.156425 2025] [security2:error] [pid 22043:tid 22095] [client 209.50.168.30:55625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anointedtour.com"] [uri "/.svn/wc.db"] [unique_id "aVIWMeo-JHkotc-RqBJXjgAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-26 14:48:54 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 09:48:51.880158 2025] [security2:error] [pid 1886:tid 1886] [client 209.50.168.30:12569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aU6gU1ztPy8VfOPRuIkP4AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:34:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:34:03.123606 2025] [security2:error] [pid 19391:tid 19391] [client 209.50.168.30:29549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.puckerbikini.com"] [uri "/.svn/wc.db"] [unique_id "aSVb63vlR42qzTf70Dv2AwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:43:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:47.823677 2025] [security2:error] [pid 12559:tid 12559] [client 209.50.168.30:11999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kelting.net"] [uri "/.git/HEAD"] [unique_id "aSQaw7RfTUFjZspKQx_GNwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:15:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:11.780647 2025] [security2:error] [pid 3164:tid 3164] [client 209.50.168.30:41737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.rotentendales.com"] [uri "/.svn/wc.db"] [unique_id "aSQUD60jnwlFuviRPSgcyAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:30:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:30:33.176417 2025] [security2:error] [pid 9314:tid 9314] [client 209.50.168.30:11157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sarahpeebles.net"] [uri "/.git/HEAD"] [unique_id "aSPfaQfpDdB2JxArqPRLpAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 05:40:32 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 20:27:57 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:04:17	Port Scan Brute-Force Exploited Host Web App Attack
🇨🇦 wil.com	2025-10-17 13:17:10 (7 months ago)	GlobalProtect login attempts with user yquevedo.	VPN IP Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 146.70.79.47

🇬🇧 94.9.165.161

🇩🇪 69.5.169.175

🇳🇱 45.148.10.157

🇰🇿 31.132.90.3

🇷🇴 2.57.121.112

🇫🇷 2001:41d0:303:141e::1

🇹🇭 180.180.218.74

🇭🇰 114.111.53.214

🇷🇴 92.118.39.62

🇦🇺 4.197.75.18

🇨🇳 223.199.184.82

🇨🇳 182.119.224.53

🇨🇳 116.178.131.154

🇨🇳 112.232.48.93

🇨🇳 112.123.107.111

🇺🇸 91.230.168.209

🇺🇸 72.10.32.138

🇨🇳 59.36.233.74

🇬🇧 37.10.113.218