JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.170.197

209.50.170.197 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 21%: ?

21%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.170.197

Whois 209.50.170.197

IP Abuse Reports for 209.50.170.197:

This IP address has been reported a total of 42 times from 16 distinct sources. 209.50.170.197 was first reported on September 26th 2025, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-11 10:26:04 (20 minutes ago)	Wordfence waf block on wvrsol	Web App Attack
🇲🇽 octageeks.com	2026-06-11 04:23:09 (6 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇪🇸 librebit	2026-05-17 04:12:21 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-04-09 10:24:29 (2 months ago)	FREKISCOM WEBFORM SPAM 209.50.170.197 (209.50.170.197)	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇹 VHosting	2026-01-18 17:10:12 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-01-08 23:46:53 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 18:46:45.278784 2026] [security2:error] [pid 10292:tid 10292] [client 209.50.170.197:16657] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.oualierealty.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.oualierealty.com"] [uri "/db.sql"] [unique_id "aWBB5TAZzdwV97o3KSSrtQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:57:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:56:55.124448 2025] [security2:error] [pid 28352:tid 28352] [client 209.50.170.197:56805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-greece.com"] [uri "/.env"] [unique_id "aTfyZ9Cxf-JH3ZTcP4mJ3wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-08 20:04:47 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-08 14:55:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:55:15.878094 2025] [security2:error] [pid 18333:tid 18333] [client 209.50.170.197:57169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "babylontravelone.com"] [uri "/.git/HEAD"] [unique_id "aTbm02z9qMApSzbrIsxo4wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 08:48:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 03:48:40.036060 2025] [security2:error] [pid 13161:tid 13161] [client 209.50.170.197:43527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crossfiregold.com"] [uri "/.env"] [unique_id "aTaQ6LBl-6TDyX4lo5nQSAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:52:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:52:36.151229 2025] [security2:error] [pid 814:tid 814] [client 209.50.170.197:54769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "countrysideinnkingston.com"] [uri "/.env"] [unique_id "aTYTROi9q8mZOIMos6j7eQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 21:28:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 16:27:57.723440 2025] [security2:error] [pid 29028:tid 29028] [client 209.50.170.197:22523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nathsharmaandcompany.com"] [uri "/.env"] [unique_id "aTXxXclCKbe_lW6vGP7MigAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 20:04:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 15:04:06.417063 2025] [security2:error] [pid 18717:tid 18717] [client 209.50.170.197:20831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "retiredengineers.net"] [uri "/.svn/wc.db"] [unique_id "aTSMNkRONOMuCl0ks4TUkgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:09:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.170.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:09:23.387701 2025] [security2:error] [pid 1817001:tid 1817049] [client 209.50.170.197:18063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ennerdale.org"] [uri "/.svn/wc.db"] [unique_id "aSVIE2R1ttxeyDpsCa-E0wAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 200.32.52.150

🇧🇪 207.175.19.28

🇭🇰 199.45.154.183

🇺🇸 66.132.195.67

🇰🇷 58.224.62.29

🇳🇱 45.148.10.152

🇧🇷 45.4.179.3

🇺🇸 35.94.244.13

🇺🇸 18.209.93.44

🇳🇱 195.178.110.30

🇮🇩 180.248.56.3

🇷🇺 176.120.22.113

🇮🇳 152.52.196.18

🇨🇳 120.48.124.164

🇨🇳 111.26.62.46

🇺🇸 104.236.222.1

🇭🇰 103.146.159.141

🇺🇸 64.62.156.32

🇱🇹 45.227.254.170

🇳🇱 34.158.189.244