JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.167.39

209.50.167.39 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.167.39

Whois 209.50.167.39

IP Abuse Reports for 209.50.167.39:

This IP address has been reported a total of 35 times from 12 distinct sources. 209.50.167.39 was first reported on September 28th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-25 23:22:19 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-22.209.50.167.39.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-22.209.50.167.39.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 16:34:45 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 11:34:38.526956 2026] [security2:error] [pid 24573:tid 24573] [client 209.50.167.39:48583] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|morefrogs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "morefrogs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZiNHnM-CSYlMgFe6MMj2gAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2026-01-09 18:13:13 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-12-31 18:31:33 (5 months ago)	Form spam	Web Spam
🇮🇹 VHosting	2025-12-24 03:20:35 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 nowyouknow	2025-12-17 07:43:06 (5 months ago)	(From [email protected]) Want to learn how a plug-and-play email system can help you earn mone ... show more (From [email protected]) Want to learn how a plug-and-play email system can help you earn money daily? Try https://rb.gy/uxe0l2 show less	Phishing Web Spam
🇺🇸 nowyouknow	2025-12-11 04:40:59 (5 months ago)	(From [email protected]) Want to discover a system where sending emails leads to real ear ... show more (From [email protected]) Want to discover a system where sending emails leads to real earnings? Try https://rb.gy/uxe0l2 show less	Phishing Web Spam
🇺🇸 oncord	2025-12-01 13:05:59 (6 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:13:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:12:58.802396 2025] [security2:error] [pid 17838:tid 17838] [client 209.50.167.39:42637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.alanrmariotti.com"] [uri "/.git/HEAD"] [unique_id "aSbgug6dRorTTItgKHZXMgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:42:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:41:55.986068 2025] [security2:error] [pid 23177:tid 23177] [client 209.50.167.39:14767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.deanfountain.com"] [uri "/.env"] [unique_id "aSa9U6zXr8xoaJUQ_2vIOgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:21:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:21:47.240585 2025] [security2:error] [pid 6208:tid 6208] [client 209.50.167.39:37813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.proplanarchitects.com"] [uri "/.svn/wc.db"] [unique_id "aSace0yuFQfF7USDJce7iAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:15:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:15:00.918737 2025] [security2:error] [pid 3365545:tid 3365676] [client 209.50.167.39:39135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ajbruner.uoexpanse.com"] [uri "/.svn/wc.db"] [unique_id "aSZipCa0-q0nx5VbsSClcAAAAkA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:32:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:32:09.334653 2025] [security2:error] [pid 6649:tid 6697] [client 209.50.167.39:55713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.exedesalesteam.com"] [uri "/.git/HEAD"] [unique_id "aSZKifCQPT6s-IHquRxbfgAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:07:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:07:06.086809 2025] [security2:error] [pid 8871:tid 8871] [client 209.50.167.39:38807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.astariafilms.com"] [uri "/.svn/wc.db"] [unique_id "aSZEqlARlTIxiWiIFNVDSAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:12:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:11:54.424105 2025] [security2:error] [pid 19005:tid 19005] [client 209.50.167.39:23355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ardath.net"] [uri "/.svn/wc.db"] [unique_id "aSQhWpjpW-ppMSCu7HXdagAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇴🇲 206.167.33.157

🇧🇷 205.210.31.193

🇹🇼 198.235.24.65

🇷🇴 193.32.162.13

🇷🇺 188.119.120.17

🇺🇸 162.216.150.99

🇺🇸 50.6.224.135

🇩🇪 178.27.90.142

🇺🇸 144.225.124.124

🇮🇳 103.132.243.250

🇷🇺 85.94.26.18

🇺🇸 74.114.29.210

🇩🇪 69.5.169.152

🇳🇱 46.151.178.13

🇧🇪 34.14.17.98

🇨🇳 14.103.121.78

🇩🇪 217.160.189.228

🇩🇪 213.209.159.236

🇺🇸 205.210.31.93

🇧🇷 177.93.175.47