JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.171.73

209.50.171.73 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.171.73

Whois 209.50.171.73

IP Abuse Reports for 209.50.171.73:

This IP address has been reported a total of 30 times from 13 distinct sources. 209.50.171.73 was first reported on September 26th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-05-16 22:16:55 (1 month ago)	209.50.171.73 - - [17/May/2026:00:16:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 209.50.171.73 - - [17/May/2026:00:16:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-02-18 02:40:13 (4 months ago)	209.50.171.73 - - [18/Feb/2026:04:40:11 +0200] "GET /.env HTTP/1.1" 404 2918 "-" "Mozilla/5.0 (Windo ... show more 209.50.171.73 - - [18/Feb/2026:04:40:11 +0200] "GET /.env HTTP/1.1" 404 2918 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 209.50.171.73 - - [18/Feb/2026:04:40:13 +0200] "GET /api/.env HTTP/1.1" 404 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇨🇭 backslash	2026-01-12 08:25:03 (5 months ago)		Web Spam
Anonymous	2025-12-14 02:12:35 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 14:03:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 09:03:24.991811 2025] [security2:error] [pid 24811:tid 24811] [client 209.50.171.73:23599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yacht-register-holland.com"] [uri "/.env"] [unique_id "aS7xrCF3HXoKkvKGEkB8MgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:58:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:58:34.678299 2025] [security2:error] [pid 5303:tid 5303] [client 209.50.171.73:40931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hwh17.com"] [uri "/.svn/wc.db"] [unique_id "aS6qOhbU3jffwsm3H50eVgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:44:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:44:23.536189 2025] [security2:error] [pid 13445:tid 13445] [client 209.50.171.73:14861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buffaloweddingdeejay.com"] [uri "/.env"] [unique_id "aS6Kx1PMx9OFwIrnUcdAiQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:33:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:33:20.822915 2025] [security2:error] [pid 5732:tid 5732] [client 209.50.171.73:9997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stukabird.com"] [uri "/.svn/wc.db"] [unique_id "aS56IH6mWuxXcw1XFr5g0gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:47:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:46:57.081798 2025] [security2:error] [pid 10704:tid 10704] [client 209.50.171.73:24633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casademunt.com"] [uri "/.env"] [unique_id "aS5vQTwrjOAAdOiVegEb0wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:31:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:31:06.139288 2025] [security2:error] [pid 3930:tid 3930] [client 209.50.171.73:38507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "utah17.com"] [uri "/.env"] [unique_id "aS5rirmf5Rj1xvcLi94W8gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-01 08:11:17 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-29 00:39:39 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 209.50.171.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 19:39:34.874046 2025] [security2:error] [pid 23938:tid 23938] [client 209.50.171.73:14937] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|abortiontragedies.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "abortiontragedies.com"] [uri "/dump.sql"] [unique_id "aSpAxrzAzThCzyO7dIQsHQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-22 09:45:16 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.22 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.22 is noted in report timestamp show less	Hacking Brute-Force
🇪🇸 10dencehispahard SL	2025-11-19 07:33:16 (7 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-14 04:51:01 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.48

🇧🇴 138.84.37.83

🇪🇸 83.37.105.149

🇻🇳 14.177.107.120

🇵🇱 194.180.49.219

🇬🇧 185.247.137.195

🇸🇬 68.183.226.11

🇺🇸 65.49.1.154

🇨🇳 59.52.176.126

🇫🇷 51.83.10.173

🇳🇱 45.148.10.157

🇩🇪 43.165.1.41

🇩🇪 213.209.159.11

🇫🇷 207.180.192.206

🇵🇱 194.180.49.58

🇵🇱 194.180.48.110

🇵🇾 181.123.136.11

🇺🇸 173.255.160.142

🇮🇳 172.217.34.81

🇳🇱 93.158.213.25