JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.236

209.50.164.236 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.236

Whois 209.50.164.236

IP Abuse Reports for 209.50.164.236:

This IP address has been reported a total of 19 times from 11 distinct sources. 209.50.164.236 was first reported on September 28th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-04-05 14:15:12 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-03-31 20:48:20 (2 months ago)	Forum/form spam	Web Spam
🇩🇪 F242	2026-01-30 05:10:53 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
Anonymous	2025-12-07 07:03:18 (6 months ago)	botnet	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:10:04 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 04:15:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:15:52.061603 2025] [security2:error] [pid 9548:tid 9548] [client 209.50.164.236:10963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earthwormensemble.doublenaughtspycar.com"] [uri "/.env"] [unique_id "aSUteOhWrTPdWaZe4wpGnAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:51:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:51:27.430126 2025] [security2:error] [pid 7226:tid 7226] [client 209.50.164.236:37841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pendergrassfamily.com"] [uri "/.svn/wc.db"] [unique_id "aSUnv-ZuZbPvOc7V_DBVLAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:25:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:25:28.484703 2025] [security2:error] [pid 1647139:tid 1647157] [client 209.50.164.236:11115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.sallykimmel.com"] [uri "/.svn/wc.db"] [unique_id "aSUTmJ5eMzOQPKYL6rL_OAAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:21:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:21:24.998736 2025] [security2:error] [pid 610252:tid 610252] [client 209.50.164.236:31497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.arroceraomoa.com"] [uri "/.env"] [unique_id "aSUElOvO3AQ9jDvAG2qs8QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Admins@FBN	2025-11-25 00:28:52 (6 months ago)	FW-PortScan: Traffic Blocked srcport=17167 dstport=80	Port Scan
🇺🇸 TPI-Abuse	2025-11-25 00:15:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:14:59.976648 2025] [security2:error] [pid 3071:tid 3071] [client 209.50.164.236:42441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.savingspools.savingshvac.com"] [uri "/.git/HEAD"] [unique_id "aST1A2vQPnv_cwHhSsOWRAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-21 09:51:53 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-14 04:32:31 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-29 07:12:53 (7 months ago)	GlobalProtect login attempts with user ddagentuser.	VPN IP Brute-Force
Anonymous	2025-10-18 10:24:37 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 109.105.210.55

🇮🇳 34.93.241.217

🇰🇷 14.206.12.13

🇩🇪 213.209.159.235

🇧🇷 131.221.182.4

🇧🇷 129.121.39.181

🇨🇳 101.96.200.105

🇷🇺 94.180.250.11

🇲🇩 91.208.184.122

🇬🇧 35.203.211.240

🇺🇸 23.237.188.34

🇺🇦 217.196.174.3

🇺🇸 216.180.246.211

🇺🇸 216.180.246.108

🇫🇷 185.177.72.13

🇨🇦 172.105.16.147

🇹🇼 165.154.227.158

🇺🇸 143.198.239.107

🇭🇰 103.81.168.2

🇫🇷 91.231.89.10