JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.113

209.50.168.113 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.113

Whois 209.50.168.113

IP Abuse Reports for 209.50.168.113:

This IP address has been reported a total of 25 times from 13 distinct sources. 209.50.168.113 was first reported on September 26th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-05-21 05:12:53 (3 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 relianoid.com	2026-03-31 07:50:40 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-03-28 16:46:13 (2 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-02-01 15:25:32 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇦🇺 MAGIC	2026-01-21 02:03:50 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-01-04 16:01:01 (5 months ago)	botnet	DDoS Attack
🇮🇹 VHosting	2025-12-24 07:10:23 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-28 20:38:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 15:38:26.944984 2025] [security2:error] [pid 32694:tid 32706] [client 209.50.168.113:55485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "12am.us"] [uri "/.env"] [unique_id "aSoIQivZR-6AGTImf9R9swAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:57:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:57:07.596432 2025] [security2:error] [pid 30283:tid 30283] [client 209.50.168.113:26253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mitchellamazing.com"] [uri "/wp-config.php.bak"] [unique_id "aSmqM_hS5Jmy4zlCIt-c6wAAAAc"], referer: http://amazingstageballast.com/wp-config.php.bak show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 08:05:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 03:05:55.698896 2025] [security2:error] [pid 799:tid 799] [client 209.50.168.113:20699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "altoshp.com"] [uri "/.env"] [unique_id "aSlX4zOpRnMJua_UZm4TsQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 06:57:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 01:57:09.502698 2025] [security2:error] [pid 16504:tid 16504] [client 209.50.168.113:49399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alternative-security.com"] [uri "/wp-config.php.bak"] [unique_id "aSlHxTYIW3YfFeKU2gQykgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:46:35 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 london2038.com	2025-10-26 05:25:43 (7 months ago)	Detected by WP fail2ban 2025-10-26T06:25:42.398268+01:00 wordpress: Authentication attempt from 209. ... show more Detected by WP fail2ban 2025-10-26T06:25:42.398268+01:00 wordpress: Authentication attempt from 209.50.168.113 show less	Brute-Force Web App Attack
Anonymous	2025-10-18 08:41:45 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-15 20:04:54 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 80.191.134.25

🇺🇸 152.32.233.100

🇨🇳 124.228.34.69

🇩🇪 85.215.117.93

🇱🇹 45.227.254.170

🇳🇱 45.148.10.183

🇸🇾 131.222.210.39

🇺🇸 86.111.187.169

🇺🇸 44.126.193.217

🇷🇴 2.57.121.25

🇺🇸 205.210.31.25

🇪🇨 193.30.14.163

🇺🇸 172.252.125.150

🇺🇸 172.104.210.244

🇺🇸 147.185.132.205

🇿🇦 105.247.69.196

🇺🇸 45.42.88.54

🇨🇦 24.202.9.78

🇧🇪 198.235.24.243

🇪🇹 196.188.187.21