JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.184.174

209.50.184.174 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.184.174

Whois 209.50.184.174

IP Abuse Reports for 209.50.184.174:

This IP address has been reported a total of 23 times from 17 distinct sources. 209.50.184.174 was first reported on October 29th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cwytech	2026-06-21 03:38:21 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇫🇷 pm33	2026-06-21 01:40:59 (2 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-18 20:25:42 (5 days ago)	(y4) Failed scan -byebye- from 209.50.184.174 (ES/Spain/-): (CF_ENABLE)	Hacking
🇺🇸 mnsf	2026-06-13 01:05:10 (1 week ago)	Login Too Frequent (6)	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-11 05:50:04 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 209.50.184.174: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.184.174: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 11 08:50:03.443235 2026] [security2:error] [pid 2066463:tid 2066635] [client 209.50.184.174:17231] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.cpanagiotou.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.cpanagiotou.gr"] [uri "/wp-login.php"] [unique_id "aipMi83WZdkoJsk5IcTsgwAAABc"], referer: https://mail.cpanagiotou.gr/wp-login.php show less	Port Scan
🇺🇸 mnsf	2026-02-13 03:06:51 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-13 02:40:32 (4 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Lino Project	2026-02-13 01:40:10 (4 months ago)	CrowdSec abuse IP report (host SRV-2) Scenario: crowdsecurity/http-sensitive-files	Hacking
🇬🇧 myintarweb	2026-02-13 01:05:30 (4 months ago)	209.50.184.174 - - [13/Feb/2026:01:05:30 +0000] 443 "GET /admin/.env HTTP/1.1" 404 1558 "-" "Mozilla ... show more 209.50.184.174 - - [13/Feb/2026:01:05:30 +0000] 443 "GET /admin/.env HTTP/1.1" 404 1558 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Bad Web Bot Web App Attack
🇳🇿 FaB Property Group	2026-02-10 11:45:46 (4 months ago)	Requested file: admin/.env	Web App Attack
🇳🇱 ReporTR	2026-02-10 09:39:28 (4 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:31:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:31:10.107741 2026] [security2:error] [pid 12836:tid 12836] [client 209.50.184.174:36025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirt.us"] [uri "/api/.env"] [unique_id "aYqmfn7dAdiOTFOkuxtjUAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:26:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:26:07.133149 2026] [security2:error] [pid 3198:tid 3198] [client 209.50.184.174:10539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hudready.com"] [uri "/app/.git/config"] [unique_id "aYp7H0ukpIi6U6Q4SNYKQQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2026-02-10 00:07:39 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:35:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.184.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:35:01.778799 2026] [security2:error] [pid 26027:tid 26027] [client 209.50.184.174:21417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelleysbridge.com"] [uri "/.env"] [unique_id "aYpvJffpcjHUipENVFf08QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.236

🇮🇳 182.95.111.170

🇳🇱 176.65.139.253

🇫🇮 147.185.133.111

🇨🇳 113.123.147.107

🇮🇹 2a00:1450:4025:1803::12b

🇺🇸 54.151.95.177

🇺🇸 38.148.249.2

🇬🇧 35.203.211.90

🇮🇪 4.207.145.86

🇧🇷 189.15.10.179

🇹🇷 188.59.182.213

🇭🇰 152.32.214.226

🇨🇳 117.88.237.3

🇮🇳 103.213.194.250

🇨🇳 101.26.28.140

🇺🇸 100.7.57.181

🇺🇿 82.215.109.75

🇺🇸 74.192.225.229

🇰🇷 59.24.133.197