JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.171.52

209.50.171.52 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.171.52

Whois 209.50.171.52

IP Abuse Reports for 209.50.171.52:

This IP address has been reported a total of 36 times from 9 distinct sources. 209.50.171.52 was first reported on September 26th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-09 01:08:26 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 03:16:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 22:16:34.354781 2025] [security2:error] [pid 7233:tid 7244] [client 209.50.171.52:18755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schoprint.com"] [uri "/.env"] [unique_id "aVChEnTAx2o--mB3fjlLIwAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:12:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:12:53.028860 2025] [security2:error] [pid 31994:tid 31994] [client 209.50.171.52:43397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brownbarn.com"] [uri "/.env"] [unique_id "aVBL1eGqGRqoEHHalE6YrwAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:46:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:45:56.748655 2025] [security2:error] [pid 30553:tid 30553] [client 209.50.171.52:56949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaplankrew.com"] [uri "/.env"] [unique_id "aVBFhEgxqCSMbFxlEhvChQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 15:56:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 10:56:13.163411 2025] [security2:error] [pid 18196:tid 18196] [client 209.50.171.52:21901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raintechgutters.com"] [uri "/.env"] [unique_id "aVABne_KDh2KFIBfrjbwawAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 11:08:25 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 20:16:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:16:25.768969 2025] [security2:error] [pid 22589:tid 22627] [client 209.50.171.52:26665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rawhabitat.com"] [uri "/.env"] [unique_id "aS9JGTx4KwlRY3hgSAwfWgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:40:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:40:54.590602 2025] [security2:error] [pid 31493:tid 31493] [client 209.50.171.52:56599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmelson.com"] [uri "/.svn/wc.db"] [unique_id "aS8kplf-Ims8dz9HvF7nVQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:54:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:54:30.698569 2025] [security2:error] [pid 28154:tid 28154] [client 209.50.171.52:24305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "openheartwellness.com"] [uri "/.env"] [unique_id "aS8Ltn47YFvnGgNplFhrjQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:06:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:06:07.851640 2025] [security2:error] [pid 30747:tid 30747] [client 209.50.171.52:30983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "firingsquadfilms.com"] [uri "/.git/HEAD"] [unique_id "aS8AX68rP9UDtUk6H886sgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 11:16:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 06:16:31.113058 2025] [security2:error] [pid 6946:tid 6946] [client 209.50.171.52:13871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquasafedemo.com"] [uri "/.env"] [unique_id "aS7Kj_A4PWeimCL78pdkuwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:16:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:53.498437 2025] [security2:error] [pid 10728:tid 10728] [client 209.50.171.52:58979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stevenkloepfer.com"] [uri "/.svn/wc.db"] [unique_id "aS52CSFst6qxWh0lJZ3TAAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:17:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:16:57.521284 2025] [security2:error] [pid 30536:tid 30536] [client 209.50.171.52:22533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "purplebikinis.com"] [uri "/.svn/wc.db"] [unique_id "aS5oOUIOfhqkNQFvD5QhBAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 02:20:03 (6 months ago)	suspicious request in access.log	Web App Attack
Anonymous	2025-11-02 13:46:55 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:37:06	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.223.187.249

🇨🇳 110.16.203.240

🇺🇸 92.204.128.6

🇬🇧 176.126.78.131

🇫🇮 147.185.133.220

🇹🇭 147.50.227.79

🇦🇪 139.185.55.154

🇸🇬 94.231.206.0

🇷🇴 80.94.92.186

🇺🇸 75.71.230.41

🇦🇺 51.161.128.68

🇿🇦 45.221.89.23

🇺🇸 147.185.132.222

🇷🇴 141.98.83.240

🇻🇳 125.212.244.35

🇨🇳 120.48.99.236

🇺🇸 77.220.192.241

🇨🇳 60.217.78.245

🇬🇧 35.203.210.249

🇬🇧 193.163.125.116