JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.92

209.50.168.92 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 52%: ?

52%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.92

Whois 209.50.168.92

IP Abuse Reports for 209.50.168.92:

This IP address has been reported a total of 30 times from 18 distinct sources. 209.50.168.92 was first reported on September 26th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-02 01:23:04 (5 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 ELYAZ	2026-05-30 23:43:14 (1 week ago)	(y4) Failed scan -byebye- from 209.50.168.92 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-30 19:22:21 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=e-anastasiadis.gr; logs=/var/log/httpd/domains/e-anasta ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=e-anastasiadis.gr; logs=/var/log/httpd/domains/e-anastasiadis.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 HJ5Ss4Ju	2026-05-28 12:10:28 (1 week ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇩🇪 4server	2026-05-26 23:39:43 (1 week ago)	[WedMay2701:39:37.8829122026][security2:error][pid2217912:tid2218044][client209.50.168.92:0]ModSecur ... show more [WedMay2701:39:37.8829122026][security2:error][pid2217912:tid2218044][client209.50.168.92:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mgpublishing.ch\"][uri\"/wp-login.php\"][unique_id\"ahYvOawUAnqlksNhPdUZrgAAARI\"]\,referer:https://mgpublishing.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇲🇹 Malta	2026-05-26 02:35:31 (1 week ago)	209.50.168.92 - - [26/May/2026:04:35:31 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 209.50.168.92 - - [26/May/2026:04:35:31 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 pm33	2026-05-25 23:05:58 (1 week ago)	Wordpress login attempts	Brute-Force
🇩🇪 iNetWorker	2026-05-25 22:42:52 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 FeG Deutschland	2026-05-23 17:37:37 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 09:42:04 (2 weeks ago)	Wordfence waf block on secure	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-09 20:58:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:58:14.446900 2026] [security2:error] [pid 1035414:tid 1035414] [client 209.50.168.92:31483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ganeki.com"] [uri "/.env"] [unique_id "aYpKZprZyTfCSliAOeDLCwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:55:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:55:07.397321 2026] [security2:error] [pid 11528:tid 11528] [client 209.50.168.92:58167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gainow.net"] [uri "/.env.save"] [unique_id "aYo7m4ZNQNYK0k0duWjRJgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:09:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:09:39.433658 2026] [security2:error] [pid 29575:tid 29575] [client 209.50.168.92:45495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullbladderclub.com"] [uri "/.git/config"] [unique_id "aYoU0_dtHtaGA91nkPB8uAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:27:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:27:17.333517 2026] [security2:error] [pid 12363:tid 12363] [client 209.50.168.92:17179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galengetting.com"] [uri "/test/.git/config"] [unique_id "aYnElUKrULpDAKss8_yHugAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 207.180.204.120

🇺🇸 45.202.240.36

🇹🇳 197.5.145.102

🇺🇸 168.100.149.233

🇺🇸 168.100.149.80

🇸🇬 152.32.218.149

🇨🇳 124.160.45.26

🇭🇰 118.26.37.26

🇮🇳 103.190.7.203

🇺🇸 47.251.13.59

🇳🇱 45.198.224.134

🇱🇹 2a02:4780:9:1728:0:30eb:aeed:1

🇨🇳 221.198.80.23

🇳🇱 193.176.31.212

🇺🇸 172.93.103.2

🇩🇪 141.11.45.97

🇨🇳 119.96.223.148

🇸🇪 81.226.129.67

🇷🇺 79.120.30.97

🇺🇸 74.125.92.113