JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.232.50.131

165.232.50.131 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 77%: ?

77%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.232.50.131

Whois 165.232.50.131

IP Abuse Reports for 165.232.50.131:

This IP address has been reported a total of 27 times from 17 distinct sources. 165.232.50.131 was first reported on June 7th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-09 22:26:49 (1 week ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-08 22:26:46 (1 week ago)		Brute-Force Web App Attack
🇩🇰 ScamAware	2026-06-08 20:08:49 (1 week ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 10:50:57 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:50:52.794448 2026] [security2:error] [pid 1993:tid 1993] [client 165.232.50.131:51518] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wurkroom.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wurkroom.biz"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiaejDPQyX8sfpvop-YtLgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:52:56 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:52:49.312274 2026] [security2:error] [pid 11640:tid 11640] [client 165.232.50.131:56115] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wp.dtla2028.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wp.dtla2028.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiaQ8XTxcgsw3avkCArU7QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 wordpresshosting.solutions	2026-06-08 09:12:39 (1 week ago)	Web brute-force / failed auth detected. Evidence: [Mon Jun 08 09:12:37.215197 2026] [access_compat:e ... show more Web brute-force / failed auth detected. Evidence: [Mon Jun 08 09:12:37.215197 2026] [access_compat:error] [pid 605968] [client 165.232.50.131:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php [Mon Jun 08 09:12:38.679619 2026] [access_compat:error] [pid 605968] [client 165.232.50.131:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-08 07:40:47 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-08 07:09:36 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:09:29.517949 2026] [security2:error] [pid 11376:tid 11387] [client 165.232.50.131:51119] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|willmanlawfirm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "willmanlawfirm.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiZqqYB9fFKpngWqmd8ZOQAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇱 Dolphi	2026-06-08 06:40:03 (1 week ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:37:06 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:36:58.882430 2026] [security2:error] [pid 25882:tid 25882] [client 165.232.50.131:58683] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|smogsandiego.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "smogsandiego.com"] [uri "/what-is-a-smog-check/wp-json/wp/v2/users/"] [unique_id "aiZU-hXwDlnfFq6xKgxoqAAAADk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-08 05:00:07 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 04:12:24 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 165.232.50.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:12:19.890317 2026] [security2:error] [pid 8039:tid 8039] [client 165.232.50.131:52592] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|weightlossover50.customdesignsbybjp.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "weightlossover50.customdesignsbybjp.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiZBI2CuMtbGarZ3rrVezQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-08 03:13:40 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 nyt	2026-06-08 02:35:35 (1 week ago)	Empty UA + error, WP Author Enumeration	Web App Attack
🇨🇭 backslash	2026-06-08 02:12:00 (1 week ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 31.130.35.29

🇮🇩 202.152.201.166

🇧🇪 198.235.24.174

🇧🇷 190.102.45.62

🇧🇷 170.80.110.11

🇺🇸 162.216.150.113

🇮🇩 157.10.182.14

🇺🇸 154.83.197.41

🇨🇳 120.55.163.52

🇷🇺 109.73.206.231

🇭🇰 101.36.122.139

🇺🇸 44.223.196.98

🇬🇧 35.203.210.213

🇹🇷 31.223.42.22

🇺🇸 3.132.26.232

🇧🇷 205.210.31.234

🇺🇸 162.216.150.221

🇨🇳 118.196.118.73

🇨🇳 116.179.37.95

🇬🇧 87.236.176.84