JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.170.149

209.50.170.149 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 38%: ?

38%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.170.149

Whois 209.50.170.149

IP Abuse Reports for 209.50.170.149:

This IP address has been reported a total of 34 times from 14 distinct sources. 209.50.170.149 was first reported on September 29th 2025, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-20 21:48:19 (19 hours ago)	(y4) Failed scan -byebye- from 209.50.170.149 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 tecnicorioja	2026-06-13 22:00:57 (1 week ago)	wp-login attack [13/Jun/2026:03:25:52	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-13 20:23:07 (1 week ago)	(y4) Failed scan -byebye- from 209.50.170.149 (US/United States/-): (CF_ENABLE)	Hacking
🇲🇽 octageeks.com	2026-06-12 04:23:45 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-06-11 22:56:22 (1 week ago)	209.50.170.149 - - [12/Jun/2026:00:56:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 209.50.170.149 - - [12/Jun/2026:00:56:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-06-10 18:32:06 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇦🇺 HJ5Ss4Ju	2026-06-10 03:10:25 (1 week ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇬🇧 oncord	2026-03-10 22:13:09 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-28 04:13:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 23:13:47.784647 2025] [security2:error] [pid 18337:tid 18337] [client 209.50.170.149:13441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kletzer.com"] [uri "/.svn/wc.db"] [unique_id "aVCue3oHhyfn_TrcqkwjggAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 01:55:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 20:55:55.244581 2025] [security2:error] [pid 30933:tid 30933] [client 209.50.170.149:13991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrometal-js.com"] [uri "/.env"] [unique_id "aVCOK-7j12gn3S-t9DkYOAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 00:55:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:55:37.688447 2025] [security2:error] [pid 24061:tid 24061] [client 209.50.170.149:13755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidnevueconcerts.com"] [uri "/.svn/wc.db"] [unique_id "aVCACb5gZZoLg-S7S_t2XwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:12:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:12:13.323227 2025] [security2:error] [pid 8610:tid 8610] [client 209.50.170.149:39859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spyasociados.com"] [uri "/.svn/wc.db"] [unique_id "aVAFXUG9dkIOK9FdOcCmpQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-15 14:58:26 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 10:28:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:28:10.284119 2025] [security2:error] [pid 2195698:tid 2195698] [client 209.50.170.149:38059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rogerproperties.com"] [uri "/.git/HEAD"] [unique_id "aS6_OmieNMc3O0rjOvlB5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:57 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a04:c300:400::1b2

🇮🇳 172.217.34.89

🇩🇪 139.59.138.20

🇨🇦 104.28.244.6

🇧🇷 45.164.251.106

🇺🇸 20.102.100.198

🇺🇸 16.58.56.214

🇧🇷 191.6.5.178

🇳🇱 176.65.139.181

🇹🇭 171.100.67.250

🇨🇦 68.183.193.185

🇸🇬 43.160.225.169

🇪🇬 41.46.222.33

🇺🇸 34.182.210.28

🇮🇳 2401:4900:b521:6555:f4ef:7174:c240:905c

🇨🇳 218.79.61.192

🇭🇰 199.45.155.91

🇲🇽 187.224.50.126

🇨🇳 180.76.174.141

🇺🇸 117.55.229.156