JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.174.218

209.50.174.218 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.174.218

Whois 209.50.174.218

IP Abuse Reports for 209.50.174.218:

This IP address has been reported a total of 33 times from 14 distinct sources. 209.50.174.218 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇰 SaltySoftworks	2026-06-15 02:40:12 (1 day ago)	User agent spoofing Page: /wp-sitemap.xml	Spoofing Hacking Web App Attack
🇫🇮 inlink.ltd	2026-06-10 17:06:21 (6 days ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:58:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:58:39.375121 2026] [security2:error] [pid 1036997:tid 1036997] [client 209.50.174.218:52547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ganeki.com"] [uri "/frontend/.env"] [unique_id "aYpKf6wcbeXEhuZGL0e1HAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:58:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:57:48.791291 2026] [security2:error] [pid 18212:tid 18212] [client 209.50.174.218:26993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furballrecords.com"] [uri "/.env.save"] [unique_id "aYogHJJ5THROqHOAE89FNAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:25:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:25:49.589106 2026] [security2:error] [pid 19337:tid 19364] [client 209.50.174.218:53385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamecrazy.us"] [uri "/admin/.env"] [unique_id "aYnSTR9XhWz9IoldCWnFJwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 barbarella	2026-02-09 10:07:13 (4 months ago)	Configuration snooping in .env file (GET /frontend/.env)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:54:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:54:40.193586 2026] [security2:error] [pid 1373104:tid 1373104] [client 209.50.174.218:45957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabbyspetnanny.com"] [uri "/.env.local"] [unique_id "aYmu4FF6nWHiupKeFmbMhQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 03:48:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 22:48:29.006355 2026] [security2:error] [pid 28070:tid 28070] [client 209.50.174.218:16071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuegolounge813.com"] [uri "/.env.production"] [unique_id "aYlZDZwsC-ibUKNTsze9-wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇱🇻 garmtech.com	2025-12-24 10:16:33 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇮🇹 VHosting	2025-12-23 11:08:25 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇱🇻 garmtech.com	2025-12-01 19:31:44 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2025-11-17 08:13:58 (6 months ago)	Illegitimate and/or suspicious requests.	Hacking
Anonymous	2025-11-13 21:32:55 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇺🇸 205.210.31.36

🇲🇽 187.216.224.85

🇷🇺 178.178.222.50

🇵🇰 119.152.102.54

🇨🇳 119.120.91.95

🇮🇳 103.112.213.190

🇨🇦 3.99.247.35

🇳🇱 193.176.31.248

🇮🇶 185.166.25.150

🇧🇷 181.223.161.117

🇺🇸 129.146.123.189

🇳🇱 93.174.93.12

🇫🇷 91.231.89.211

🇫🇷 91.231.89.107

🇱🇹 81.30.98.158

🇺🇸 64.23.209.197

🇨🇳 58.59.101.110

🇩🇪 47.254.144.111

🇧🇷 43.164.196.114