JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.78

209.50.168.78 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.78

Whois 209.50.168.78

IP Abuse Reports for 209.50.168.78:

This IP address has been reported a total of 39 times from 22 distinct sources. 209.50.168.78 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 spamverify.com	2026-06-22 16:04:38 (1 day ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-17 05:08:04 (6 days ago)	Wordfence waf block on restore georgia	Web App Attack
🇫🇷 ELYAZ	2026-06-16 02:58:30 (1 week ago)	(y4) Failed scan -byebye- from 209.50.168.78 (US/United States/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-13 09:45:36 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 209.50.168.78: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 209.50.168.78: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 12:45:33.619604 2026] [security2:error] [pid 705293:tid 705498] [client 209.50.168.78:42475] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0mvXxsrtCDMa-O0cItXwAAARE"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇫🇷 pm33	2026-06-10 16:21:26 (1 week ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-09 18:07:50 (2 weeks ago)	(y4) Failed scan -byebye- from 209.50.168.78 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-09 14:58:08 (2 weeks ago)	209.50.168.78 - - [09/Jun/2026:16:58:08 +0200] "GET http://www/admin/ HTTP/1.1" 301 169 "https://www ... show more 209.50.168.78 - - [09/Jun/2026:16:58:08 +0200] "GET http://www/admin/ HTTP/1.1" 301 169 "https://www/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" show less	Web App Attack
🇨🇭 zynex	2026-05-24 16:49:45 (4 weeks ago)	URL Probing: /test/wp-includes/wlwmanifest.xml	Web App Attack
Anonymous	2026-04-12 05:44:56 (2 months ago)	Attempt to scan vulnerabilities	Hacking
🇫🇷 IRISIO	2026-03-27 10:37:18 (2 months ago)	scans/SQL injection/spam posts : 1 queries	Web App Attack SQL Injection
🇺🇸 SiliSoftware	2026-03-21 10:55:39 (3 months ago)	/wp-includes/wlwmanifest.xml	Web App Attack
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2025-12-20 13:58:04 (6 months ago)	(modsecurity) srv101 ModSecurity 209.50.168.78 (US/United States/-): 5 in the last 3600 secs; Ports: ... show more (modsecurity) srv101 ModSecurity 209.50.168.78 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 16:24:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:24:22.090447 2025] [security2:error] [pid 18560:tid 18560] [client 209.50.168.78:53537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teamworkchristmascards.com"] [uri "/.env"] [unique_id "aS8StjSNE0HmBA_kme2-jQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:52:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:52:50.815804 2025] [security2:error] [pid 27654:tid 27654] [client 209.50.168.78:37517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lemontreefoods.com"] [uri "/.svn/wc.db"] [unique_id "aS7hIhCWPWqO84CQ0r8sjgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 2607:f8b0:4023:1807::12e

🇨🇦 2607:f8b0:4023:1807::120

🇺🇸 205.210.31.87

🇩🇪 193.124.20.252

🇸🇪 185.246.130.20

🇳🇱 185.223.235.22

🇸🇬 140.245.99.105

🇳🇱 45.148.10.152

🇳🇱 45.148.10.141

🇩🇪 213.209.159.154

🇷🇺 176.215.18.218

🇺🇸 91.230.168.233

🇫🇷 86.214.97.110

🇰🇷 61.43.121.132

🇬🇧 35.203.211.114

🇬🇧 35.203.210.35

🇺🇸 2a10:3c0:4:2:1:33:0:5

🇳🇱 212.192.216.2

🇹🇼 198.235.24.78

🇦🇫 180.94.75.90