JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.27

209.50.164.27 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.27

Whois 209.50.164.27

IP Abuse Reports for 209.50.164.27:

This IP address has been reported a total of 28 times from 13 distinct sources. 209.50.164.27 was first reported on September 28th 2025, and the most recent report was 16 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-24 06:41:19 (16 minutes ago)	(y4) Failed scan -byebye- from 209.50.164.27 (US/United States/-): (CF_ENABLE)	Hacking
🇬🇧 spamverify.com	2026-06-22 16:04:37 (1 day ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇩🇪 georgengelmann	2026-06-22 07:46:35 (1 day ago)	Failed login attempt for [email protected]	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-17 02:39:49 (1 week ago)	(y4) Failed scan -byebye- from 209.50.164.27 (US/United States/-): (CF_ENABLE)	Hacking
🇲🇽 octageeks.com	2026-06-16 04:11:48 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-17 10:39:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 05:39:48.529512 2026] [security2:error] [pid 24363:tid 24363] [client 209.50.164.27:26607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.barristershall.com"] [uri "/.env"] [unique_id "aWtm9PFO8QjnNcSUCEBvuwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 10:20:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 05:20:12.225458 2026] [security2:error] [pid 8185:tid 8185] [client 209.50.164.27:56537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.greybird.cc"] [uri "/.env"] [unique_id "aWtiXL7nK4fdpdp8nc3LTQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 08:03:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 03:03:04.182230 2026] [security2:error] [pid 32369:tid 32369] [client 209.50.164.27:26851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superzilla.com"] [uri "/.env"] [unique_id "aWtCODblyddrkl0O80ps_QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-16 21:59:40 (5 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
Anonymous	2025-12-08 19:44:31 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 11:34:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:34:36.146996 2025] [security2:error] [pid 23253:tid 23253] [client 209.50.164.27:18189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.grannyswash.kunzteam.com"] [uri "/.env"] [unique_id "aSblzBJsFdXBYavDqoV2UAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:48:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:48:12.303262 2025] [security2:error] [pid 26902:tid 26902] [client 209.50.164.27:59737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hawkinsenterprise.com"] [uri "/.env"] [unique_id "aSba7IsvbgS2FIT6XxjY5QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:10:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:10:03.678712 2025] [security2:error] [pid 11204:tid 11204] [client 209.50.164.27:25575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.busjadis.com"] [uri "/.git/HEAD"] [unique_id "aSany3fXM51G1WYAwkPaKgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:40:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:40:37.490722 2025] [security2:error] [pid 3538473:tid 3538603] [client 209.50.164.27:44845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.plasticsurgeondenver.aafm.us"] [uri "/.env"] [unique_id "aSaS1Ylw80WOF8zzHgPHJAAAAcY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.223.107.86

🇸🇬 185.200.116.42

🇨🇳 182.40.195.233

🇺🇸 161.35.232.200

🇻🇳 103.199.16.90

🇫🇷 85.217.140.5

🇺🇸 54.177.160.239

🇲🇾 49.124.153.45

🇺🇸 35.252.93.232

🇺🇸 216.25.89.83

🇳🇱 195.178.110.42

🇳🇱 195.178.110.30

🇨🇳 175.170.144.16

🇺🇸 162.216.150.241

🇫🇮 147.185.133.113

🇨🇱 136.248.242.166

🇺🇸 107.172.188.139

🇵🇰 103.178.79.91

🇺🇸 100.29.192.64

🇳🇱 78.142.18.172