JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.167.45

209.50.167.45 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.167.45

Whois 209.50.167.45

IP Abuse Reports for 209.50.167.45:

This IP address has been reported a total of 25 times from 15 distinct sources. 209.50.167.45 was first reported on September 28th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HERA - Operations	2026-05-11 20:50:37 (3 weeks ago)	herrmann - searching for vulnerable scripts: .env 2026/05/11 22:50:36	Web App Attack
🇱🇻 garmtech.com	2026-05-04 10:13:19 (1 month ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇧🇪 cmbplf	2026-05-03 19:37:14 (1 month ago)	3.741 requests with url.path */xmlrpc.php 3.741 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇮🇩 Burayot	2026-04-30 18:22:48 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 209.50.167.45 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 209.50.167.45 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 etu brutus	2026-04-30 14:23:14 (1 month ago)	209.50.167.45 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇩🇪 4server	2026-04-26 23:08:30 (1 month ago)	[MonApr2701:08:25.8880002026][security2:error][pid2704189:tid2704324][client209.50.167.45:0]ModSecur ... show more [MonApr2701:08:25.8880002026][security2:error][pid2704189:tid2704324][client209.50.167.45:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.gualandi.mood4apps.com\"][uri\"/\"][unique_id\"ae6a6TsIBBxq9g804FO-iQAAAlc\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-04-14 22:45:03 (1 month ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 09:31:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 04:31:10.940295 2026] [security2:error] [pid 520:tid 520] [client 209.50.167.45:55731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.anniversaryweddingfavors.com"] [uri "/.env"] [unique_id "aWtW3iiXJkHoBgrGmYIJvwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 00:14:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:14:36.513062 2026] [security2:error] [pid 6978:tid 6978] [client 209.50.167.45:51379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ps-omega.com"] [uri "/.env"] [unique_id "aWrUbBAqDbmX_qlcCy1-EAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:57:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 05:37:27 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:23.925367 2025] [security2:error] [pid 10847:tid 10847] [client 209.50.167.45:14237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blfmarine.com"] [uri "/.env"] [unique_id "aVITkyUfCBG3-RoxEq0omAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:21:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:21:12.158057 2025] [security2:error] [pid 19626:tid 19626] [client 209.50.167.45:16045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tesacate.com"] [uri "/.env"] [unique_id "aVIPyPJSrJ1VsbQVD5zXCQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:00:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:00:13.039755 2025] [security2:error] [pid 25100:tid 25100] [client 209.50.167.45:53011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leeu100.com"] [uri "/.svn/wc.db"] [unique_id "aVH8zUkAhw6V84n21HBhuAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:19:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:19:50.563350 2025] [security2:error] [pid 17736:tid 17760] [client 209.50.167.45:13865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "datuinc.com"] [uri "/.git/HEAD"] [unique_id "aVHzVnpzU1dkKUAUxqwY6wAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:24:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.167.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:24:20.726114 2025] [security2:error] [pid 3461152:tid 3461152] [client 209.50.167.45:9861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pack133.thelowensteinfamily.com"] [uri "/.git/HEAD"] [unique_id "aSQIJEAUH5_SffPjgMIvVwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 131.255.231.254

🇮🇩 103.41.247.76

🇺🇸 66.132.195.91

🇮🇹 57.131.50.125

🇷🇺 46.160.165.239

🇨🇳 43.226.39.182

🇹🇿 41.59.229.33

🇨🇳 8.148.200.68

🇺🇸 172.203.149.63

🇧🇷 170.254.163.58

🇳🇱 158.94.210.233

🇧🇷 143.95.213.196

🇹🇯 109.75.54.122

🇷🇴 92.118.39.236

🇷🇴 92.118.39.62

🇲🇦 81.192.46.36

🇲🇾 180.75.133.83

🇧🇷 152.254.185.121

🇨🇳 110.249.202.211

🇺🇸 76.223.176.17