JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.56

209.50.168.56 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.56

Whois 209.50.168.56

IP Abuse Reports for 209.50.168.56:

This IP address has been reported a total of 23 times from 8 distinct sources. 209.50.168.56 was first reported on September 27th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 securejdprop	2026-05-17 04:46:48 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 62). Ip 209.50.168.56 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-05-17 04:46:48.041076193 +0000 UTC show less	Hacking Web App Attack
🇸🇬 securejdprop	2026-04-24 20:20:34 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 62). Ip 209.50.168.56 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-24 20:20:33.774781323 +0000 UTC show less	Hacking Web App Attack
🇦🇺 oncord	2025-12-29 04:30:58 (5 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-12-07 06:09:35 (6 months ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2025-12-05 20:50:51 (6 months ago)	(From [email protected]) Top-rated seo services to supercharge your website backlinks! B ... show more (From [email protected]) Top-rated seo services to supercharge your website backlinks! BonusBacklinks.com - we build daily backlinks and drive organic visits to your page EVERY DAY: + Get 85% DISCOUNT + Trusted daily seo backlinks + Organic web traffic + Prices start from $1 + Bonus coupon codes Explore seo sales - https://tiny.cc/bonusbacklinks-sale Or visit directly - https://Bonusbacklinks.com BonusBacklinks - daily seo backlinks and website visits to grow your website every day show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-12-02 18:38:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:38:21.480988 2025] [security2:error] [pid 31281:tid 31281] [client 209.50.168.56:33691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "uniqpresence.com"] [uri "/.svn/wc.db"] [unique_id "aS8yHUXNEpGbulohJdkpqQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:59:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:59:07.113904 2025] [security2:error] [pid 21015:tid 21015] [client 209.50.168.56:25015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aslproud.com"] [uri "/.git/HEAD"] [unique_id "aS7wq2EzYuVlRvOfD1AmqgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:06:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:05:53.880080 2025] [security2:error] [pid 23044:tid 23044] [client 209.50.168.56:49015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roguetechscene.com"] [uri "/.git/HEAD"] [unique_id "aS66ASAht6crudjnehmFGwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:17:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:16:57.504852 2025] [security2:error] [pid 16431:tid 16431] [client 209.50.168.56:37333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shelbysmoak.com"] [uri "/.svn/wc.db"] [unique_id "aS6geX8sTn8iByjSXbw7LgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:55:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:55:20.161919 2025] [security2:error] [pid 13462:tid 13462] [client 209.50.168.56:24865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vankesselporsche.com"] [uri "/.git/HEAD"] [unique_id "aS5_SBpneaRnMjPFdaBpXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:49:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:49:16.393114 2025] [security2:error] [pid 30766:tid 30766] [client 209.50.168.56:53175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinesuretybonds.com"] [uri "/.env"] [unique_id "aS5vzDsARqmk45jCjp36dwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 21:20:41 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 14:52:09 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:25:40	Port Scan Brute-Force Exploited Host Web App Attack
🇨🇦 wil.com	2025-10-16 05:54:10 (7 months ago)	GlobalProtect login attempts with user jfontaine.	VPN IP Brute-Force
Anonymous	2025-10-14 10:27:11 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.142.97.50

🇧🇪 35.233.84.46

🇩🇪 2a01:4f8:150:13a5::100:26

🇬🇧 193.163.125.174

🇦🇷 186.122.177.140

🇺🇸 162.216.150.23

🇺🇸 162.144.12.37

🇰🇬 146.19.220.76

🇮🇩 103.148.100.146

🇷🇴 92.118.39.236

🇺🇸 64.62.197.44

🇸🇬 47.84.110.81

🇦🇷 45.177.200.254

🇨🇭 20.250.145.94

🇷🇴 2.57.121.112

🇨🇳 223.245.216.251

🇺🇸 172.70.179.199

🇪🇸 158.173.36.240

🇵🇱 91.228.33.72

🇰🇷 49.173.65.19