JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.175.34

209.50.175.34 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.175.34

Whois 209.50.175.34

IP Abuse Reports for 209.50.175.34:

This IP address has been reported a total of 40 times from 19 distinct sources. 209.50.175.34 was first reported on September 28th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-09 14:58:20 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Lino Project	2026-05-05 15:17:19 (1 month ago)	209.50.175.34 - - [05/May/2026:17:17:17 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https ... show more 209.50.175.34 - - [05/May/2026:17:17:17 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-03-23 05:33:18 (2 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-10 23:40:03 (4 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:54:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:54:08.556049 2026] [security2:error] [pid 598839:tid 598839] [client 209.50.175.34:47837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittyloveschai.com"] [uri "/.git/config"] [unique_id "aYqr4Cuezfui8df8pbLlsgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:14:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:14:51.927246 2026] [security2:error] [pid 19418:tid 19418] [client 209.50.175.34:56715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iahksa.com"] [uri "/admin/.env"] [unique_id "aYqiq33ju4e9LfnSnCQsiwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 02:26:00 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇩🇪 Carsten	2026-02-10 01:34:21 (4 months ago)	GET [frontend/.env]	Port Scan
🇺🇸 TPI-Abuse	2026-02-10 00:51:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:50:57.332840 2026] [security2:error] [pid 16672:tid 16672] [client 209.50.175.34:33239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humaclub.com"] [uri "/app/.git/config"] [unique_id "aYqA8Z7Lnhw7NHNFdN5QwgAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:43:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:43:16.382624 2026] [security2:error] [pid 19766:tid 19766] [client 209.50.175.34:40115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kbalan.com"] [uri "/dev/.git/config"] [unique_id "aYpjBE7Ne-maESxrj6-pcwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:19:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:19:08.749353 2026] [security2:error] [pid 20028:tid 20028] [client 209.50.175.34:16789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horse7.com"] [uri "/app/.git/config"] [unique_id "aYpPTDM0qouLM0rhX-RLagAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-07 12:35:38 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-35.209.50.175.34.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-35.209.50.175.34.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:15 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-02 19:11:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:11:33.719120 2025] [security2:error] [pid 5065:tid 5065] [client 209.50.175.34:30113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sheamar.com"] [uri "/.svn/wc.db"] [unique_id "aS855Ry3qcQT-E-QjU_FnQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:35:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.175.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:35:36.167545 2025] [security2:error] [pid 32731:tid 32731] [client 209.50.175.34:14745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stacyfarm.com"] [uri "/.env"] [unique_id "aS8HSD2K5cq24z7MpuUNJQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.158

🇺🇸 195.184.76.155

🇧🇷 187.50.226.182

🇺🇸 164.92.106.15

🇩🇪 104.248.130.34

🇮🇳 103.164.246.148

🇺🇸 64.62.197.177

🇬🇧 35.203.211.120

🇺🇸 216.218.206.100

🇹🇼 198.235.24.52

🇳🇴 185.101.33.182

🇨🇳 183.0.179.52

🇮🇳 182.95.150.186

🇧🇷 179.124.16.90

🇧🇷 177.93.194.232

🇺🇸 162.217.163.95

🇭🇰 114.111.53.214

🇨🇳 113.73.149.178

🇨🇳 113.44.119.71

🇺🇸 104.232.79.58