JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.167.135

209.50.167.135 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.167.135

Whois 209.50.167.135

IP Abuse Reports for 209.50.167.135:

This IP address has been reported a total of 30 times from 14 distinct sources. 209.50.167.135 was first reported on September 26th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-12 18:26:30 (3 weeks ago)	[TueMay1220:26:25.5384412026][security2:error][pid2870990:tid2871182][client209.50.167.135:0]ModSecu ... show more [TueMay1220:26:25.5384412026][security2:error][pid2870990:tid2871182][client209.50.167.135:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"gipfelbild.com\"][uri\"/.git/HEAD\"][unique_id\"agNw0e5LObcKq0OkX8TaswAAAFY\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:52:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:52:14.664342 2026] [security2:error] [pid 1517:tid 1517] [client 209.50.167.135:61325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingdombuilderschurchmd.org"] [uri "/admin/.env"] [unique_id "aYqdXio15J3F7pc7Ens71gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:48:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:48:35.900396 2026] [security2:error] [pid 1452:tid 1452] [client 209.50.167.135:9497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keystonebrass.com"] [uri "/backend/.env"] [unique_id "aYqAYyhuWKe7t7ZJQ4vlkwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Anymous	2026-02-10 00:34:49 (3 months ago)	GET /.git/config HTTP/1.1 404 3779 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show more GET /.git/config HTTP/1.1 404 3779 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:21:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:21:03.370468 2026] [security2:error] [pid 2147118:tid 2147118] [client 209.50.167.135:36787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerrywood.com"] [uri "/v2/.git/config"] [unique_id "aYp573BD1TnbY0-JC_IZWgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 23:35:37 (3 months ago)	Blocking for trying to access an exploit file: /config/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-09 20:29:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:28:58.445690 2026] [security2:error] [pid 19341:tid 19435] [client 209.50.167.135:26313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/dev/.git/config"] [unique_id "aYpDikYsChRAU7ugYZ3NlAAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 18:20:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 13:20:25.041419 2026] [security2:error] [pid 30167:tid 30167] [client 209.50.167.135:26229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nmrising.org.peterlundman.com"] [uri "/.svn/wc.db"] [unique_id "aVgMaa12SSuF1LDO60j8yAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-01 13:11:03 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 01 08:11:00.564792 2026] [security2:error] [pid 22344:tid 22362] [client 209.50.167.135:51971] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|touficcorban.com\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "touficcorban.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "aVZyZN7zMmOK8xXoderARQAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 19:05:31 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 14:05:18.408635 2025] [security2:error] [pid 508727:tid 508751] [client 209.50.167.135:36517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.selecttech.org"] [uri "/.env"] [unique_id "aVQibsXhY1GaRu-3gelHZwAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:42 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇭 backslash	2025-12-21 09:00:13 (5 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 09:11:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:11:00.726156 2025] [security2:error] [pid 8185:tid 8185] [client 209.50.167.135:31729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oceanicpier.com"] [uri "/.svn/wc.db"] [unique_id "aSQhJBcFhlWudURn4fVloQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:29:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:29:25.159753 2025] [security2:error] [pid 5408:tid 5408] [client 209.50.167.135:45029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.iconconstructors.com"] [uri "/.env"] [unique_id "aSPtNd3sQnz-FFYxmxuhuQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:23:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:23:41.625527 2025] [security2:error] [pid 12383:tid 12383] [client 209.50.167.135:57507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hyps.com"] [uri "/.svn/wc.db"] [unique_id "aSPdzax29QI2nzynmHh9wQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.227

🇸🇬 193.37.32.194

🇫🇮 147.185.133.220

🇺🇸 147.185.132.219

🇺🇸 137.184.159.183

🇮🇳 117.245.141.229

🇸🇬 98.159.43.13

🇺🇸 91.230.168.250

🇺🇸 66.132.172.149

🇺🇸 65.49.1.180

🇷🇺 62.183.82.70

🇳🇱 34.178.7.245

🇺🇸 23.234.80.156

🇺🇿 213.230.93.110

🇪🇨 177.234.209.102

🇯🇵 168.138.213.115

🇺🇸 162.216.150.109

🇫🇮 147.185.133.213

🇨🇳 120.195.35.240

🇻🇳 115.75.37.60