JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.171.30

209.50.171.30 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.171.30

Whois 209.50.171.30

IP Abuse Reports for 209.50.171.30:

This IP address has been reported a total of 32 times from 13 distinct sources. 209.50.171.30 was first reported on September 26th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 spamverify.com	2026-06-12 04:11:23 (1 day ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-12 01:04:02 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 209.50.171.30: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 209.50.171.30: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 04:04:01.239403 2026] [security2:error] [pid 52863:tid 53038] [client 209.50.171.30:46235] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitbARJWFl-XeyyYvI7AeQAAANE"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇨🇳 ThreatBook.io	2026-05-07 02:15:28 (1 month ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/209.50.171.30 2026-05 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/209.50.171.30 2026-05-06 23:46:38 /management/tenant-monitoring/servers 2026-05-06 23:46:42 /wls-wsat/CoordinatorPortType 2026-05-06 23:46:33 /console/login/LoginForm.jsp 2026-05-06 23:46:40 /config/config.xml 2026-05-06 23:46:35 /weblogic/ready show less	Web App Attack
🇺🇸 mnsf	2026-02-19 05:05:24 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:56:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:51.926238 2026] [security2:error] [pid 22071:tid 22071] [client 209.50.171.30:64383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnen.org"] [uri "/site/.git/config"] [unique_id "aZaKA5RPloatfIX_mf7ZGgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:37:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:36.546094 2026] [security2:error] [pid 24607:tid 24607] [client 209.50.171.30:45057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/api/.git/config"] [unique_id "aZaFgN__HaPj07c3IfpFowAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:57:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:57:07.316763 2026] [security2:error] [pid 2777418:tid 2777418] [client 209.50.171.30:62325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kemblebrothers.com"] [uri "/new/.git/config"] [unique_id "aZZ8A9M2E1VONI_e8KL4owAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:28:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:28:26.080051 2026] [security2:error] [pid 10414:tid 10414] [client 209.50.171.30:50639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kanata.ws"] [uri "/test/.git/config"] [unique_id "aZZnOrWNPrWMnCR5UTLf3gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 23:12:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:12:27.170413 2026] [security2:error] [pid 23303:tid 23303] [client 209.50.171.30:21409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "veracurnow.com"] [uri "/.env.save"] [unique_id "aZZHW8a5SSiSNRb5w_3_wQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-02-18 20:18:43 (3 months ago)	Blocked by CSF 13 firewall - Rule: config-dotfile US/United States/-	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:52:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:52:55.801681 2026] [security2:error] [pid 26445:tid 26445] [client 209.50.171.30:56857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wordspectrum.com"] [uri "/.env"] [unique_id "aZXEN0zXQnKulUrShRAOqwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:24:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:23:54.673677 2026] [security2:error] [pid 2728:tid 2728] [client 209.50.171.30:19611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "windisfun.com"] [uri "/admin/.git/config"] [unique_id "aZW9ancUYZPVcvG8oZWxQgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:27:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:27:38.387293 2026] [security2:error] [pid 5920:tid 5920] [client 209.50.171.30:64689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webjemm.net"] [uri "/test/.git/config"] [unique_id "aZWwOloFUNHRK9_ZOOLzdAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-28 17:34:08 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.28 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.28 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-16 23:13:04 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 168.144.190.184

🇺🇸 162.254.36.150

🇮🇩 103.63.25.203

🇬🇧 35.203.210.55

🇺🇸 147.185.132.76

🇺🇸 147.185.132.49

🇺🇸 146.88.241.37

🇺🇸 134.122.9.211

🇨🇳 122.13.25.213

🇨🇳 120.231.191.30

🇨🇳 113.221.47.51

🇰🇷 112.164.224.70

🇨🇳 106.13.123.237

🇿🇲 102.220.158.175

🇷🇺 79.175.42.4

🇹🇷 78.188.169.16

🇺🇸 75.84.32.110

🇺🇸 54.236.183.76

🇬🇧 35.203.210.216

🇹🇼 223.143.28.136