JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.173.201

209.50.173.201 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.173.201

Whois 209.50.173.201

IP Abuse Reports for 209.50.173.201:

This IP address has been reported a total of 31 times from 15 distinct sources. 209.50.173.201 was first reported on September 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-05 05:29:52 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 cyfordtechnologies.com	2026-03-19 04:57:26 (2 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇬🇧 relianoid.com	2026-03-03 19:18:59 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇮🇩 Burayot	2026-01-25 22:59:13 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 209.50.173.201 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 209.50.173.201 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-16 23:00:24 (4 months ago)	Auto-ban: >3000 req/min op 2026-01-16	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 00:48:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 19:48:36.383445 2025] [security2:error] [pid 26823:tid 26823] [client 209.50.173.201:54343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerrywoodandson.com"] [uri "/.svn/wc.db"] [unique_id "aTjDZBuJTqSGD46-qjUqgwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 22:14:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 17:14:11.434926 2025] [security2:error] [pid 31639:tid 31639] [client 209.50.173.201:56993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bfpsamoa.com"] [uri "/.svn/wc.db"] [unique_id "aTifM7jA4mWDycEpC6IqXAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-09 15:30:36 (5 months ago)	botnet	DDoS Attack
🇫🇷 geot	2025-12-09 13:33:05 (5 months ago)	GET /.svn/wc.db HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 05:27:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 00:27:27.690820 2025] [security2:error] [pid 2452:tid 2452] [client 209.50.173.201:32879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clcmillvale.com"] [uri "/.env"] [unique_id "aTZhv-RRonSZ1T5a4Ogw0gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-07 04:54:15 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 21:11:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 16:11:07.725737 2025] [security2:error] [pid 11495:tid 11495] [client 209.50.173.201:27817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alameeran.net"] [uri "/.svn/wc.db"] [unique_id "aTSb6yHTTgnTcGftQ3H29wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:58:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:58:17.693572 2025] [security2:error] [pid 25702:tid 25702] [client 209.50.173.201:41915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ablg.net"] [uri "/.env"] [unique_id "aTQaWTWI1wix1TUZnghx9gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-05 15:16:12 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-11-26 06:12:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:12:25.401531 2025] [security2:error] [pid 11899:tid 11899] [client 209.50.173.201:55957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tutroquel.jhonbens.com"] [uri "/.svn/wc.db"] [unique_id "aSaaSVSpUWQjLbRnd2cT6QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4882:1000::5

🇬🇧 195.96.139.89

🇺🇸 192.3.127.40

🇮🇩 182.253.156.184

🇮🇳 122.185.185.18

🇸🇬 118.139.164.171

🇳🇱 45.148.10.183

🇩🇪 35.198.98.107

🇩🇪 34.89.168.109

🇺🇸 8.228.13.229

🇮🇷 217.219.124.202

🇺🇸 206.223.228.199

🇺🇸 204.141.232.10

🇺🇸 172.208.49.189

🇫🇷 161.97.99.245

🇺🇸 45.79.207.110

🇲🇻 209.212.203.158

🇪🇹 196.191.151.2

🇺🇸 107.175.156.152

🇮🇩 101.255.146.170