JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.174.244

209.50.174.244 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.174.244

Whois 209.50.174.244

IP Abuse Reports for 209.50.174.244:

This IP address has been reported a total of 27 times from 14 distinct sources. 209.50.174.244 was first reported on September 26th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-09 03:30:11 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-13 04:28:39 (1 month ago)	[WedMay1306:28:36.3753322026][security2:error][pid259943:tid260021][client209.50.174.244:0]ModSecuri ... show more [WedMay1306:28:36.3753322026][security2:error][pid259943:tid260021][client209.50.174.244:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".svn\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"server-privato.com\"][uri\"/.svn/wc.db\"][unique_id\"agP99Fplb6kUQ5RkJh42hAAAAIU\"] show less	Hacking Web App Attack
🇦🇺 oncord	2026-05-01 05:24:42 (1 month ago)	Form spam	Web Spam
Anonymous	2026-04-18 10:44:26 (1 month ago)	Forum/form spam	Web Spam
🇮🇩 sockominfo	2026-04-07 18:00:09 (2 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇱🇻 garmtech.com	2026-03-30 07:40:20 (2 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-03-30 07:40:12 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 cyfordtechnologies.com	2026-03-24 00:00:45 (2 months ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
🇵🇱 cheatmaster.store	2026-02-25 23:25:54 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: United States Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 00:38:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:38:47.198695 2026] [security2:error] [pid 25876:tid 25876] [client 209.50.174.244:56645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.psychoatomicpower.com"] [uri "/.env"] [unique_id "aWraF-U8SJyg6HHXfgoXsgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 01:50:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 20:50:14.054393 2026] [security2:error] [pid 3340955:tid 3340955] [client 209.50.174.244:18737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "saltyrootsyogaco.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aWmZVoWrzHv4WvFxo9XqNwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:28:27 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:28:21.374869 2025] [security2:error] [pid 21959:tid 21959] [client 209.50.174.244:40069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/.git/HEAD"] [unique_id "aVI7pVfrzuYCAFAN7GwtfgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:02:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:02:30.095616 2025] [security2:error] [pid 22502:tid 22509] [client 209.50.174.244:55009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ronibenzvi.com"] [uri "/.env"] [unique_id "aVI1lrCDvlZNawKJ6vgE3AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 07:29:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.174.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 02:28:54.927382 2025] [security2:error] [pid 15633:tid 15633] [client 209.50.174.244:52991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vividlee.com"] [uri "/.git/HEAD"] [unique_id "aVIttpWn3PjolRWM153TZAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 178.253.23.61

🇳🇱 45.148.10.121

🇪🇸 2a01:4b80:3::31ff:fee4:10

🇧🇷 190.115.84.25

🇷🇺 185.141.234.221

🇺🇸 184.154.156.13

🇧🇷 177.43.105.11

🇻🇳 165.99.16.135

🇺🇸 162.216.149.50

🇺🇸 152.32.207.229

🇺🇸 152.32.207.179

🇫🇷 151.80.35.225

🇨🇳 111.229.31.4

🇦🇺 103.208.218.164

🇺🇸 82.108.66.6

🇮🇳 49.207.40.162

🇭🇰 43.154.195.142

🇨🇭 37.120.213.13

🇮🇳 27.123.94.66

🇺🇸 20.171.26.41