JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.163.59

209.50.163.59 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.163.59

Whois 209.50.163.59

IP Abuse Reports for 209.50.163.59:

This IP address has been reported a total of 35 times from 7 distinct sources. 209.50.163.59 was first reported on September 27th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-23 18:15:10 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:34:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:34:19.322771 2026] [security2:error] [pid 21260:tid 21260] [client 209.50.163.59:33473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinfranz.com"] [uri "/admin/.env"] [unique_id "aYp9C0JRSqjWmL15N41QlAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:06:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:06:17.436805 2026] [security2:error] [pid 2123059:tid 2123059] [client 209.50.163.59:25131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kentsavagelaw.com"] [uri "/api/.git/config"] [unique_id "aYp2edAYDtAgAqErFMBxPAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 23:39:10 (4 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-09 23:02:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:02:05.210473 2026] [security2:error] [pid 16357:tid 16357] [client 209.50.163.59:16257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/.env.save"] [unique_id "aYpnbWaPFqBinIzkOh7pAgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:33:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:33:23.630333 2026] [security2:error] [pid 25339:tid 25339] [client 209.50.163.59:52269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houseofbates.net"] [uri "/api/.env"] [unique_id "aYpgszWdFu05l8mpthQwewAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:01:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:00:59.157492 2026] [security2:error] [pid 26268:tid 26268] [client 209.50.163.59:10473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katharinanitzpon.com"] [uri "/.env.staging"] [unique_id "aYpZGwEHkdO72GVWUMFuygAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:09:24.400163 2026] [security2:error] [pid 19918:tid 19918] [client 209.50.163.59:28971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.com"] [uri "/backup/.git/config"] [unique_id "aYpNBEInR3jISJ1wWOEx6wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:08:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:07:56.411164 2026] [security2:error] [pid 32765:tid 32765] [client 209.50.163.59:55403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homeschoolwv.com"] [uri "/.env.save"] [unique_id "aYo-nHw8wr3bWqGO6HUdGAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:02:54 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:02:48.224970 2025] [security2:error] [pid 31295:tid 31295] [client 209.50.163.59:9477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rosetina.com"] [uri "/.svn/wc.db"] [unique_id "aSQfOBLh47dJkVcDnbWFGQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:29:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:14.119082 2025] [security2:error] [pid 23177:tid 23177] [client 209.50.163.59:51839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.jkg1.com"] [uri "/.svn/wc.db"] [unique_id "aSP7Oi8XRplgMx0iAWy1OwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:34:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:34:15.818961 2025] [security2:error] [pid 11228:tid 11228] [client 209.50.163.59:42339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.solarhorsepower.com"] [uri "/.env"] [unique_id "aSPuV-MB-mjvCBnMd5b6xQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:48:57 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:48:45.153842 2025] [security2:error] [pid 11946:tid 11946] [client 209.50.163.59:43065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.naghmehfarahmand.com"] [uri "/.env"] [unique_id "aSPjrcrftxrJYwABIlmYvAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 04:44:55 (7 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:18:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.163.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:18:37.392109 2025] [security2:error] [pid 28284:tid 28284] [client 209.50.163.59:35105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.iclog.us"] [uri "/.svn/wc.db"] [unique_id "aSPcnYNodvdy6uA8AcV8ugAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.112

🇨🇦 192.178.64.26

🇧🇷 190.115.84.25

🇧🇷 177.94.52.162

🇺🇦 176.36.246.199

🇷🇴 141.98.83.240

🇨🇳 120.230.23.202

🇧🇬 78.128.113.22

🇧🇷 45.205.1.241

🇮🇩 202.145.0.18

🇳🇱 176.65.139.224

🇮🇳 103.91.187.6

🇸🇬 98.159.43.101

🇮🇷 85.198.19.239

🇫🇷 62.210.189.225

🇩🇪 45.3.55.215

🇩🇪 43.157.22.32

🇩🇪 193.124.20.237

🇬🇹 190.14.140.232

🇺🇾 167.57.21.146