JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.172.230

209.50.172.230 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 45%: ?

45%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.172.230

Whois 209.50.172.230

IP Abuse Reports for 209.50.172.230:

This IP address has been reported a total of 38 times from 22 distinct sources. 209.50.172.230 was first reported on September 26th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 dtorrer	2026-06-14 12:58:30 (2 days ago)	Brute-force general attack.	Brute-Force
🇬🇷 setupgr	2026-06-14 12:22:20 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 209.50.172.230: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.172.230: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 14 15:22:16.352451 2026] [security2:error] [pid 948989:tid 949034] [client 209.50.172.230:21745] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.fashionfragonard.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.fashionfragonard.gr"] [uri "/wp-login.php"] [unique_id "ai6c-NXD3_cY7WcDuxqBkgAAAJI"], referer: https://mail.fashionfragonard.gr/wp-login.php show less	Port Scan
🇬🇧 poundawebsiteltd	2026-06-14 03:14:11 (3 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.172.230 - - [14/Jun/2026:04:14:06 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.172.230 - - [14/Jun/2026:04:14:06 +0100] POST /wp-login.php HTTP/1.1 200 7363 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0 show less	Web App Attack
🇩🇪 georgengelmann	2026-06-12 06:33:33 (4 days ago)	Failed login attempt for adminuser	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-12 00:51:16 (5 days ago)	(mod_security) mod_security (id:900001) triggered by 209.50.172.230: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.172.230: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 03:51:15.220646 2026] [security2:error] [pid 52863:tid 53029] [client 209.50.172.230:48041] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitYAxJWFl-XeyyYvI6_6gAAAMg"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇫🇷 pm33	2026-06-10 16:20:55 (6 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-10 06:13:15 (6 days ago)	(y4) Failed scan -byebye- from 209.50.172.230 (US/United States/-): (CF_ENABLE)	Hacking
🇬🇧 thetomtaylor.co.uk	2026-06-04 21:06:02 (1 week ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-04 19:07:51 (1 week ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-04 19:05:02 (1 week ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 France Artisanat	2026-04-06 08:41:14 (2 months ago)	Attract engaged, keyword-driven traffic to your website with our AI-powered solution, costing far le ... show more Attract engaged, keyword-driven traffic to your website with our AI-powered solution, costing far less than paid ad campaigns. Get in touch to grow your site. https://ow.ly/nNVw50XSIIZ show less	Web Spam
Anonymous	2026-04-02 18:06:41 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 myagent.site	2026-01-15 08:40:58 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2025-12-07 07:43:06 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 17:09:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.172.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.172.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 12:08:57.255890 2025] [security2:error] [pid 12921:tid 12921] [client 209.50.172.230:47691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geceindia.com"] [uri "/.env"] [unique_id "aSc0Kf_3E1g3MJaQC1fyeAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 164.92.121.89

🇺🇸 64.62.156.75

🇰🇷 211.186.136.61

🇮🇳 203.192.247.84

🇵🇱 176.221.122.191

🇧🇷 143.95.209.223

🇨🇳 110.249.201.134

🇨🇦 99.233.164.142

🇫🇷 91.196.152.34

🇳🇱 91.92.40.6

🇺🇸 71.6.233.2

🇮🇩 69.5.7.218

🇲🇾 47.250.159.119

🇨🇳 8.138.185.253

🇨🇳 222.139.132.118

🇬🇧 193.163.125.46

🇺🇸 191.102.170.111

🇩🇪 167.94.145.27

🇯🇵 161.129.35.16

🇨🇳 150.138.182.190