JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.164.76

209.50.164.76 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.164.76

Whois 209.50.164.76

IP Abuse Reports for 209.50.164.76:

This IP address has been reported a total of 23 times from 12 distinct sources. 209.50.164.76 was first reported on September 27th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-21 13:45:13 (4 months ago)	Bad file extension: 209.50.164.76 - - [21/Jan/2026:13:31:04 +0000] "GET /.svn/wc.db HTTP/1.1" 404 2 ... show more Bad file extension: 209.50.164.76 - - [21/Jan/2026:13:31:04 +0000] "GET /.svn/wc.db HTTP/1.1" 404 247 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 10:27:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 05:27:40.030773 2026] [security2:error] [pid 21628:tid 21628] [client 209.50.164.76:48077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arofish.us"] [uri "/.git/HEAD"] [unique_id "aXCqHOklYFavMpt4Hb6xxQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 10:03:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 05:03:33.347314 2026] [security2:error] [pid 30150:tid 30150] [client 209.50.164.76:49821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heathbartley.com"] [uri "/.svn/wc.db"] [unique_id "aXCkdXWcD7V3qKyzZ_U8WAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-01-20 22:59:58 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 myagent.site	2026-01-20 21:48:01 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇮🇹 VHosting	2025-12-23 17:15:26 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-14 06:08:34 (5 months ago)	botnet	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:57 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:20:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:31.277010 2025] [security2:error] [pid 20045:tid 20045] [client 209.50.164.76:45913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pennygillespie.com"] [uri "/.env"] [unique_id "aSQHP5pC6yqicbj-2juxfwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.164.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:45.812355 2025] [security2:error] [pid 3887:tid 3887] [client 209.50.164.76:18685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dginstruments.com"] [uri "/.svn/wc.db"] [unique_id "aSPbefOD7njxTY1ewxfmjwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:16:29 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-30 15:33:24 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 21:55:09 (7 months ago)		Brute-Force
Anonymous	2025-10-16 10:51:25 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-15 18:54:47 (7 months ago)	GlobalProtect login attempts with user ncfdvpn.	VPN IP Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 200.68.165.16

🇹🇼 198.235.24.104

🇺🇸 152.32.236.116

🇺🇿 94.232.25.87

🇩🇪 69.5.169.184

🇸🇬 45.78.204.246

🇩🇪 213.209.159.158

🇺🇸 205.210.31.110

🇺🇸 205.210.31.83

🇮🇩 202.145.0.61

🇺🇿 198.163.195.46

🇷🇺 188.92.241.150

🇲🇽 187.249.60.130

🇰🇿 178.89.53.225

🇳🇱 176.65.148.120

🇺🇸 172.202.117.196

🇩🇪 167.94.146.67

🇵🇱 87.251.64.157

🇬🇧 86.172.75.255

🇺🇸 82.29.199.45