JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.171.137

209.50.171.137 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.171.137

Whois 209.50.171.137

IP Abuse Reports for 209.50.171.137:

This IP address has been reported a total of 42 times from 16 distinct sources. 209.50.171.137 was first reported on September 26th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-23 22:30:31 (5 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-20 03:14:03 (1 week ago)	Web App Attack	Web App Attack
🇧🇪 cmbplf	2026-03-15 12:26:12 (3 months ago)	2.054 POST requests with url.path /wp-login.php 1.814 requests with url.path /xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-06 05:53:07 (4 months ago)	(mod_security) mod_security (id:217280) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217280) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 00:53:01.653236 2026] [security2:error] [pid 25831:tid 25831] [client 209.50.171.137:19361] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|digitalmarketing-group.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "digitalmarketing-group.com"] [uri "/scripts/form-1234-9ea1.php"] [unique_id "aYWBvekZwmyeXXAwr4SBRAAAABA"], referer: https://digitalmarketing-group.com/Home.html show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-01-26 01:54:01 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-30 08:35:20 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:11 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 11:55:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 06:55:34.172383 2025] [security2:error] [pid 2865787:tid 2865806] [client 209.50.171.137:42329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fixatron.com"] [uri "/.svn/wc.db"] [unique_id "aVJsNpyqIHY7ymJpK4UV0gAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:29:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:28:56.603406 2025] [security2:error] [pid 21204:tid 21204] [client 209.50.171.137:12505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jimwilsongallery.com"] [uri "/.env"] [unique_id "aVI7yBcSQ6BxBTdVWWdXaQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:40:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:40:18.062564 2025] [security2:error] [pid 13587:tid 13587] [client 209.50.171.137:18169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxwetworld.com"] [uri "/.git/HEAD"] [unique_id "aVIUQigmz6bR3RR79QUKsgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-29 04:28:53 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇦🇺 oncord	2025-12-25 08:23:30 (6 months ago)	Form spam	Web Spam
🇮🇹 VHosting	2025-12-24 05:50:18 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-11 14:26:54 (6 months ago)	botnet	DDoS Attack
🇦🇺 oncord	2025-12-10 13:05:28 (6 months ago)	Form spam	Web Spam

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 94.154.43.66

🇱🇹 62.60.130.210

🇺🇸 44.86.113.127

🇨🇳 220.182.14.60

🇺🇸 209.250.4.172

🇺🇸 162.216.150.65

🇨🇳 124.88.113.170

🇷🇴 92.118.39.71

🇳🇱 91.92.40.217

🇧🇬 79.124.56.246

🇺🇸 44.178.78.226

🇦🇷 38.10.113.167

🇬🇧 37.10.113.217

🇺🇸 2607:f8b0:400c:c18::121

🇨🇳 218.201.39.71

🇩🇪 194.187.176.246

🇮🇳 122.166.49.42

🇳🇱 109.237.220.99

🇲🇳 59.153.113.71

🇺🇸 44.171.98.93