JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.136

209.50.164.136 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.136

Whois 209.50.164.136

IP Abuse Reports for 209.50.164.136:

This IP address has been reported a total of 42 times from 18 distinct sources. 209.50.164.136 was first reported on September 27th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-01-30 07:02:41 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2025-12-31 15:51:26 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 31 10:51:19.076639 2025] [security2:error] [pid 5683:tid 5683] [client 209.50.164.136:27729] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.azcrittergetter.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.azcrittergetter.com"] [uri "/csfitz.com"] [unique_id "aVVGd6lVGPCHyrc_Kyy45wAAAAQ"], referer: http://csfitz.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 12:19:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 07:19:42.083818 2025] [security2:error] [pid 31244:tid 31244] [client 209.50.164.136:58091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "constructionloansfunding.com"] [uri "/.git/HEAD"] [unique_id "aVJx3nYHjZeVe-t20kSWIwAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 10:41:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 05:41:04.625118 2025] [security2:error] [pid 1532217:tid 1532217] [client 209.50.164.136:50109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bentechconstruction.com"] [uri "/.svn/wc.db"] [unique_id "aVJawIi3zJ-HAhWwwbiX-AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:32:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:32:11.826242 2025] [security2:error] [pid 12637:tid 12637] [client 209.50.164.136:54851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acsellsre.com"] [uri "/.env"] [unique_id "aVI8i3V9EmH_Mp8bSQgFsgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:42:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:42:27.837527 2025] [security2:error] [pid 12578:tid 12578] [client 209.50.164.136:34131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/.svn/wc.db"] [unique_id "aVIUw0Kja-Fql4TZFFW66gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:02:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:02:02.005860 2025] [security2:error] [pid 23575:tid 23575] [client 209.50.164.136:32239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "foreverweddingnapkins.com"] [uri "/.git/HEAD"] [unique_id "aVILSh9g0O6nrltOv57bgQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:42:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:42:41.265911 2025] [security2:error] [pid 14639:tid 14639] [client 209.50.164.136:60347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hpepaper.com"] [uri "/.git/HEAD"] [unique_id "aVIGwSmlUwCta14GyC0t8QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-26 01:14:04 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇱🇻 garmtech.com	2025-12-24 03:23:19 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-23.209.50.164.136.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-23.209.50.164.136.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 nowyouknow	2025-12-16 11:20:58 (5 months ago)	(From [email protected]) Want to learn how to make money online with automated emails? See ... show more (From [email protected]) Want to learn how to make money online with automated emails? See https://rb.gy/uxe0l2 show less	Phishing Web Spam
🇦🇺 oncord	2025-12-14 16:02:48 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-10 09:55:28 (6 months ago)	botnet	DDoS Attack
🇺🇸 nowyouknow	2025-12-06 11:59:30 (6 months ago)	(From [email protected]) Are you ready to try a system that turns emails into cash quickl ... show more (From [email protected]) Are you ready to try a system that turns emails into cash quickly? Check https://rb.gy/uxe0l2 show less	Phishing Web Spam
🇱🇻 garmtech.com	2025-12-01 15:41:39 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 17-41.209.50.164.136.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 17-41.209.50.164.136.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 92.118.39.62

🇨🇳 222.90.214.20

🇺🇸 172.236.239.55

🇻🇳 160.191.54.171

🇨🇳 112.51.146.189

🇮🇹 45.143.182.238

🇮🇩 43.245.249.251

🇸🇬 43.160.249.98

🇲🇿 197.219.208.58

🇺🇸 194.104.8.105

🇺🇸 148.153.121.223

🇬🇭 143.105.209.181

🇮🇳 115.97.212.3

🇺🇸 107.174.177.220

🇺🇸 43.130.2.131

🇩🇪 213.209.159.241

🇰🇷 175.206.1.60

🇵🇭 124.105.218.150

🇨🇳 123.171.35.198

🇲🇾 85.211.253.236