JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.169.12

209.50.169.12 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.169.12

Whois 209.50.169.12

IP Abuse Reports for 209.50.169.12:

This IP address has been reported a total of 21 times from 14 distinct sources. 209.50.169.12 was first reported on September 27th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-01 13:07:38 (6 days ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 nowyouknow	2026-01-03 00:15:39 (5 months ago)	(From [email protected]) Best quality seo backlinks to boost up your website's backlinks! ... show more (From [email protected]) Best quality seo backlinks to boost up your website's backlinks! BonusBacklinks.com - we provide daily backlinks and bring organic visits to your page EVERY DAY: + Take 85% SALE + Trusted daily backlinks + Real web traffic + Prices start from $1 + Bonus coupon codes: https://tiny.cc/bonusbacklinks-deal BonusBacklinks.com - daily seo backlinks and website visits to grow your page everyday show less	Phishing Web Spam
🇪🇸 10dencehispahard SL	2025-12-29 09:24:23 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇿 lp	2025-12-11 11:51:03 (5 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 209.50.169.12 2025-12-11T12:23:30+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 209.50.169.12 2025-12-11T12:23:30+01:00 vpn Access-Reject 'pavm07' station: 209.50.169.12 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-12-02 11:31:27 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-31.209.50.169.12.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-31.209.50.169.12.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2025-11-29 16:35:34 (6 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 09:30:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:30:18.092918 2025] [security2:error] [pid 9160:tid 9160] [client 209.50.169.12:43231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.emmtrucking.com"] [uri "/.svn/wc.db"] [unique_id "aSQlqgLUc0OeaqBKPHYtoAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:11:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:11:16.476235 2025] [security2:error] [pid 25719:tid 25719] [client 209.50.169.12:29649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sidkha.com"] [uri "/.env"] [unique_id "aSQTJBCbJ8jLVm-Z90rGMgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:55:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:54:37.560233 2025] [security2:error] [pid 6437:tid 6437] [client 209.50.169.12:30187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jperverseincentives.com"] [uri "/.svn/wc.db"] [unique_id "aSQPPc-lqqnLIwnjeHilWwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:33:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:33:03.345652 2025] [security2:error] [pid 18048:tid 18048] [client 209.50.169.12:50151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atame.com"] [uri "/.env"] [unique_id "aSQKL8NDLeC87_AxhDqp4AAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:48:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.169.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:48:02.845321 2025] [security2:error] [pid 8135:tid 8135] [client 209.50.169.12:48257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.audio.hatfulofrain.com"] [uri "/.git/HEAD"] [unique_id "aSPjgrv0_ap3fIFnFp_OMAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 myintarweb	2025-11-24 04:26:02 (6 months ago)	209.50.169.12 - - [24/Nov/2025:04:26:01 +0000] 80 "GET /.git/HEAD HTTP/1.1" 301 1609 "-" "Mozilla/5. ... show more 209.50.169.12 - - [24/Nov/2025:04:26:01 +0000] 80 "GET /.git/HEAD HTTP/1.1" 301 1609 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36" ... show less	Hacking Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-11-18 01:18:25 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 myagent.site	2025-11-17 05:32:51 (6 months ago)	Blocking for trying to access an exploit file: /config.php	Hacking
Anonymous	2025-11-14 02:03:03 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 51.253.250.148

🇬🇧 193.32.209.226

🇮🇳 175.101.131.169

🇩🇪 165.22.83.2

🇭🇰 154.221.17.137

🇫🇮 147.185.133.135

🇨🇳 115.231.78.11

🇺🇸 50.6.228.52

🇮🇩 180.243.13.231

🇧🇷 179.184.242.48

🇩🇪 87.106.47.28

🇮🇹 79.44.197.46

🇲🇾 51.162.192.62

🇻🇳 27.71.85.209

🇺🇸 24.199.83.188

🇫🇷 5.39.112.209

🇦🇪 2.49.10.73

🇺🇸 2604:a880:400:d1:0:4:8c0d:1001

🇬🇧 217.146.80.118

🇻🇳 171.244.201.80