AbuseIPDB » 170.238.50.65
170.238.50.65
This IP was reported 6 times. Confidence of
Abuse
is 4% : ?
ISP
Desktop Sigmanet Comunicação Multimídia SA
Usage Type
Fixed Line ISP
ASN
AS28649
Domain Name
desktop.com.br
Country
🇧🇷
Brazil
City
Sao Vicente, Sao Paulo
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 170.238.50.65 :
This IP address has been reported a total of
6
times from
6 distinct
sources.
170.238.50.65 was first reported on
July 7th 2022 , and the most recent report was
1 day ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
🇺🇸
TPI-Abuse
2026-06-06 02:15:53
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 170.238.50.65 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 170.238.50.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 22:15:47.006275 2026] [security2:error] [pid 26568:tid 26568] [client 170.238.50.65:36674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nlc-calumet.org|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nlc-calumet.org"] [uri "/SON/pics/Thumbs.db"] [unique_id "aiOC0y4o7QmCfNMNX3Pz4AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
kosada.com
2025-12-16 22:30:06
(5 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
🇮🇩
hermawan
2025-09-16 13:41:32
(8 months ago)
[Tue Sep 16 20:34:28.398098 2025] [security2:error] [pid 23554:tid 140370099820224] [client 170.238. ...
show more
[Tue Sep 16 20:34:28.398098 2025] [security2:error] [pid 23554:tid 140370099820224] [client 170.238.50.65:61956] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "164"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=479&id=1092%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-2-8-agustus-2016&start=90 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=479&id=1092%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-2-8-agustus-2016&start=90 Reque..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aMlnZGErCoc98R
...
show less
Hacking
Web App Attack
2025-01-30 04:08:42
(1 year ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
🇺🇸
LARL-Stompro-2024
2025-01-29 00:37:27
(1 year ago)
Evergreen ILS - Mylist Bot Abuse - Fake UserAgent. Requests:1
Bad Web Bot
🇺🇸
Custard
2022-07-07 20:51:38
(3 years ago)
Jul 7 19:49:34 dnsmasq[1405657]: query[ANY] peacecorps.gov from 170.238.50.65
Port Scan
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown 🚩
Recently Reported IPs: