JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.165.138

209.50.165.138 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.165.138

Whois 209.50.165.138

IP Abuse Reports for 209.50.165.138:

This IP address has been reported a total of 39 times from 12 distinct sources. 209.50.165.138 was first reported on September 26th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-05-14 01:01:34 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 relianoid.com	2026-04-02 23:09:37 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇮🇩 securejdprop	2026-03-24 15:29:29 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 60). Ip 209.50.165.138 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-03-24 15:29:28.528677496 +0000 UTC show less	Hacking Web App Attack
Anonymous	2026-03-19 22:13:21 (2 months ago)	Forum/form spam	Web Spam
🇩🇪 ger-stg-sifi1	2026-02-18 01:02:35 (3 months ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇲🇾 Rizzy	2026-01-29 04:47:18 (4 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:58 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 01:32:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:32:11.460361 2025] [security2:error] [pid 30931:tid 30931] [client 209.50.165.138:21325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tickleytingles.com"] [uri "/.svn/wc.db"] [unique_id "aTjNm4_FTE6_CxZaHby2WwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:57:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:56:35.427093 2025] [security2:error] [pid 19026:tid 19026] [client 209.50.165.138:54565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-dubai.com"] [uri "/.env"] [unique_id "aTfyU3DSOTgGxxwHzyJNRAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:57:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:57:30.828826 2025] [security2:error] [pid 25106:tid 25106] [client 209.50.165.138:34663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "munnich.net"] [uri "/.git/HEAD"] [unique_id "aTQ2ShKomSvjaG9-yj2dyQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 12:32:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 07:32:38.298732 2025] [security2:error] [pid 5991:tid 5991] [client 209.50.165.138:13989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title-26.com"] [uri "/.git/HEAD"] [unique_id "aTLQ5tJMHnF6UCH-a190mAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:38:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:38:10.373331 2025] [security2:error] [pid 16477:tid 16477] [client 209.50.165.138:32209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "usbea.com"] [uri "/.git/HEAD"] [unique_id "aTLEIgj32elK5ZjtKmXloAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:46:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:45:54.740367 2025] [security2:error] [pid 31628:tid 31628] [client 209.50.165.138:53121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "publicspeakingforwinners.com"] [uri "/.git/HEAD"] [unique_id "aTK34tly03g0yqUF0RlZTgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:30:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:30:25.121753 2025] [security2:error] [pid 17071:tid 17071] [client 209.50.165.138:40747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hatfulofrain.com"] [uri "/.env"] [unique_id "aTK0QcNZz-tdkjZj-a0j0AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:18:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:18:35.677091 2025] [security2:error] [pid 30724:tid 30724] [client 209.50.165.138:36073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joevallone.com"] [uri "/.env"] [unique_id "aTKVW7jeBQOEa7rnLC_pWQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 195.154.52.92

🇨🇳 182.43.76.81

🇺🇸 165.154.172.57

🇨🇮 154.0.30.137

🇫🇷 91.196.152.107

🇺🇸 3.142.170.60

🇺🇸 2607:f8b0:4001:c0b::129

🇺🇸 207.46.13.31

🇧🇷 138.185.4.17

🇳🇬 102.88.21.136

🇫🇷 82.225.138.158

🇬🇧 45.82.76.118

🇺🇸 20.169.105.81

🇺🇸 20.169.83.190

🇮🇳 203.193.147.75

🇵🇰 203.124.60.46

🇳🇱 85.11.167.7

🇺🇸 66.240.236.116

🇬🇧 45.82.76.130

🇺🇦 37.221.159.89