JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.181.74

209.50.181.74 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.181.74

Whois 209.50.181.74

IP Abuse Reports for 209.50.181.74:

This IP address has been reported a total of 15 times from 11 distinct sources. 209.50.181.74 was first reported on December 5th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-27 14:28:10 (1 day ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.181.74 - - [27/Jun/2026:15:28:04 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 209.50.181.74 - - [27/Jun/2026:15:28:04 +0100] POST /wp-login.php HTTP/1.1 200 8251 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-26 02:41:35 (3 days ago)	(y4) Failed scan -byebye- from 209.50.181.74 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇫🇷 France Artisanat	2026-06-20 16:39:03 (1 week ago)	Hi there, Not sure who on your team handles Google Ads — could you point me to the right pe ... show more Hi there, Not sure who on your team handles Google Ads — could you point me to the right person? My name is Ivan. I specialize in Google Ads and Google Ad Grants (and I share paid-ad strategies on YouTube). I visited your website: https://www.france-artisanat.fr/fa/contact.php and we are seeing that you guys are currently running Google Ads or have tried in the past. If you guys want, we could help you save a lot of money for a lifetime on the Google Ad Grants account that has a 0K/month free ad spend credit (provided and paid by Google Ads each month), meaning that you don't have to spend a dime each month to get free quality leads and sales. With our expertise on Google Ads, we can also help you set up successful ad campaigns, manage and optimize them to get you more customers/clients. If you have any questions private email me at: [email protected] If you’re not the right contact, please forward this or let me know who I should contact. show less	Web Spam
🇦🇺 oncord	2026-06-03 21:44:01 (3 weeks ago)	Form spam	Web Spam
🇬🇧 pinguin	2026-05-15 02:43:23 (1 month ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: /wp-json/gravitysmtp/v1/tests/mock-data UA: curl/8.7.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 oncord	2026-04-10 17:05:28 (2 months ago)	Form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇫🇷 mrcrassi	2026-01-05 14:17:40 (5 months ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /blog/wp-config.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 dynamix	2026-01-02 08:45:32 (5 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mnsf	2025-12-29 11:05:46 (5 months ago)	Too many Status 40X (15)	Brute-Force Web App Attack
🇮🇹 VHosting	2025-12-24 06:10:13 (6 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 16:11:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:10:57.294695 2025] [security2:error] [pid 7596:tid 7596] [client 209.50.181.74:23971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkdull.org"] [uri "/.svn/wc.db"] [unique_id "aTWnEdgwtC-XFgJgL1cLtwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:12:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:12:28.229271 2025] [security2:error] [pid 2872:tid 2872] [client 209.50.181.74:44275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whaletailpuckerbutt.com"] [uri "/.git/HEAD"] [unique_id "aTK-HBfEKKDwB50gge10oQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:47:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:47:41.984406 2025] [security2:error] [pid 7638:tid 7638] [client 209.50.181.74:15001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qwixel.com"] [uri "/.svn/wc.db"] [unique_id "aTKOHe8VT8-GWXq5_qGnFgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:22:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.50.181.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:22:05.372198 2025] [security2:error] [pid 17483:tid 17483] [client 209.50.181.74:27841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holdingfamily.com"] [uri "/.env"] [unique_id "aTJr_a-jOdgCay1t4MbYGQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇿 197.242.170.10

🇳🇱 176.65.149.67

🇺🇸 172.253.209.151

🇯🇵 153.122.206.29

🇺🇸 147.185.132.93

🇰🇬 92.62.74.41

🇺🇸 44.247.122.18

🇺🇸 35.199.34.16

🇳🇱 34.34.56.29

🇹🇳 197.5.145.114

🇩🇪 167.94.145.30

🇺🇸 147.185.132.85

🇺🇸 147.185.132.81

🇺🇸 65.49.1.192

🇺🇸 52.190.221.87

🇺🇸 44.250.183.40

🇸🇬 34.142.220.236

🇨🇳 150.139.194.15

🇺🇸 147.185.132.66

🇺🇸 147.185.132.64