JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.35

209.50.168.35 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.35

Whois 209.50.168.35

IP Abuse Reports for 209.50.168.35:

This IP address has been reported a total of 27 times from 10 distinct sources. 209.50.168.35 was first reported on September 27th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TheCoon	2026-05-13 14:30:02 (3 weeks ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇩🇪 4server	2026-05-10 12:50:57 (3 weeks ago)	[SunMay1014:50:52.1908292026][security2:error][pid959036:tid959148][client209.50.168.35:0]ModSecurit ... show more [SunMay1014:50:52.1908292026][security2:error][pid959036:tid959148][client209.50.168.35:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"craniosacraltherapy.ch\"][uri\"/.aws/credentials\"][unique_id\"agB_LPwG58J618y0T9hvlAAAANQ\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 mnsf	2026-03-27 01:06:12 (2 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇵🇱 sefinek.net	2025-12-28 19:48:29 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 oncord	2025-12-24 01:29:12 (5 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-12-19 13:50:59 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-11 11:24:27 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 07:06:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:06:20.399648 2025] [security2:error] [pid 6929:tid 6929] [client 209.50.168.35:26191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shofarmusic.com"] [uri "/.svn/wc.db"] [unique_id "aS6P7MKeB944cNZnqvWDlwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:38:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:38:01.801409 2025] [security2:error] [pid 3893:tid 3893] [client 209.50.168.35:58489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jonathanwilsonphotography.com"] [uri "/.svn/wc.db"] [unique_id "aS5tKcjX-VQi8phVR76k-gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:07:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:07:09.377596 2025] [security2:error] [pid 6867:tid 6867] [client 209.50.168.35:27363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhartman.com"] [uri "/.svn/wc.db"] [unique_id "aS5l7bmxRX5UH2IrgcVXdwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:36:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:04.143342 2025] [security2:error] [pid 29637:tid 29637] [client 209.50.168.35:17933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.obamaslegacy.review"] [uri "/.env"] [unique_id "aSQK5PIYzl_SarqCGtEEsgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:16:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:16:37.152325 2025] [security2:error] [pid 17714:tid 17714] [client 209.50.168.35:54447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.zyxod.org"] [uri "/.git/HEAD"] [unique_id "aSQGVYQFFgCEQ31w2bHqqgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:12:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:12:38.897730 2025] [security2:error] [pid 4487:tid 4487] [client 209.50.168.35:19993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinemasky.michaelprussin.com"] [uri "/.git/HEAD"] [unique_id "aSP3VlfHcn0GngEV99yJ-AAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:11:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:11:19.576409 2025] [security2:error] [pid 23563:tid 23563] [client 209.50.168.35:9965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.accpp.link"] [uri "/.git/HEAD"] [unique_id "aSPo9-cCZVC0yUcwGjpWYQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:18:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:18:37.020094 2025] [security2:error] [pid 25933:tid 25933] [client 209.50.168.35:18915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.iclog.us"] [uri "/.svn/wc.db"] [unique_id "aSPcnadwtv2Kea_XL1SYrQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 207.175.57.90

🇳🇱 188.64.138.89

🇺🇸 154.83.197.69

🇵🇹 87.103.126.54

🇫🇷 62.210.209.225

🇭🇰 43.155.40.91

🇰🇿 37.150.183.226

🇰🇷 14.63.196.175

🇺🇸 172.238.171.10

🇯🇵 165.154.231.236

🇮🇳 152.58.62.108

🇭🇰 103.103.245.61

🇷🇺 95.71.127.158

🇬🇧 81.19.219.237

🇺🇸 13.219.1.233

🇬🇧 172.68.205.178

🇨🇱 168.232.165.189

🇫🇷 147.79.103.191

🇩🇪 130.12.181.99

🇧🇩 103.42.5.132