JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.171.112

209.50.171.112 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.171.112

Whois 209.50.171.112

IP Abuse Reports for 209.50.171.112:

This IP address has been reported a total of 36 times from 17 distinct sources. 209.50.171.112 was first reported on October 1st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-13 18:12:32 (1 day ago)	(y4) Failed scan -byebye- from 209.50.171.112 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 lostswordfish.com	2026-06-13 08:14:06 (1 day ago)	Wordfence waf block on parsol	Web App Attack
🇲🇹 Malta	2026-06-11 22:53:54 (3 days ago)	209.50.171.112 - - [12/Jun/2026:00:53:54 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 209.50.171.112 - - [12/Jun/2026:00:53:54 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" show less	Hacking Web App Attack
🇮🇹 LTM	2026-03-19 07:20:01 (2 months ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
Anonymous	2026-02-15 11:24:11 (3 months ago)	209.50.171.112 - - [15/Feb/2026:11:23:49 +0000] "GET /admin/.env HTTP/1.1" 403 2407 "-" "Mozilla/5.0 ... show more 209.50.171.112 - - [15/Feb/2026:11:23:49 +0000] "GET /admin/.env HTTP/1.1" 403 2407 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 06:58:00 (3 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇺🇸 mnsf	2026-02-15 06:07:51 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇬🇧 poundawebsiteltd	2026-02-15 05:23:25 (4 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 209.50.171.112 - - [15/Feb/2026:0 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 209.50.171.112 - - [15/Feb/2026:05:23:23 +0000] GET /.git/config HTTP/1.1 403 213 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack
🇫🇷 dynamix	2026-02-15 04:46:10 (4 months ago)	Multiple WAF Violations	Web App Attack
🇨🇭 Origon	2026-02-15 02:24:27 (4 months ago)	http-sensitive-files - IP: 209.50.171.112 - time="2026-02-15T03:24:27+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 209.50.171.112 - time="2026-02-15T03:24:27+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 209.50.171.112 (US/200373) : 4h ban on Ip 209.50.171.112" module=db show less	Web App Attack
🇳🇱 i-turnradio.nl	2026-02-10 02:55:16 (4 months ago)	2026-02-10 03:55:15 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:55:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:55:10.583008 2026] [security2:error] [pid 22785:tid 22785] [client 209.50.171.112:17129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingdomvalleyfarm.com"] [uri "/dev/.git/config"] [unique_id "aYqeDqB8PYqHGQLC0EdjYgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:31:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:31:09.150204 2026] [security2:error] [pid 29896:tid 29896] [client 209.50.171.112:46997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinaffanchufoods.com"] [uri "/.env.production"] [unique_id "aYqYbUlhLxS3R0X5QiUVYQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:11:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:11:07.168929 2026] [security2:error] [pid 11910:tid 11910] [client 209.50.171.112:44613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kfraser.com"] [uri "/new/.git/config"] [unique_id "aYqFq3QogZ_FoqLwPm3l1AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:03:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:03:41.064014 2026] [security2:error] [pid 8228:tid 8228] [client 209.50.171.112:13425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howwegothere.info"] [uri "/new/.git/config"] [unique_id "aYpnzR_60EcX4UMfWkx4ywAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.3

🇹🇼 111.70.11.78

🇮🇳 103.211.13.191

🇳🇱 45.148.10.121

🇰🇪 41.203.213.8

🇬🇧 35.203.211.242

🇮🇳 34.180.28.34

🇲🇽 187.187.193.215

🇮🇩 103.165.206.238

🇳🇱 91.92.40.4

🇷🇴 86.120.251.11

🇫🇷 85.217.140.29

🇳🇱 45.148.10.141

🇳🇱 45.86.200.211

🇸🇬 34.124.244.191

🇬🇧 31.14.254.81

🇺🇸 2607:f8b0:4001:c1c::125

🇺🇸 2604:a940:300:5b6:0:15::

🇪🇨 205.235.2.176

🇧🇪 198.235.24.202