JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.165.143

209.50.165.143 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.165.143

Whois 209.50.165.143

IP Abuse Reports for 209.50.165.143:

This IP address has been reported a total of 28 times from 15 distinct sources. 209.50.165.143 was first reported on September 27th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-06-20 08:33:59 (6 days ago)	209.50.165.143 - - [20/Jun/2026:10:33:58 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3935 "-" "Mozilla/5. ... show more 209.50.165.143 - - [20/Jun/2026:10:33:58 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3935 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 billyborsht	2026-06-20 02:37:37 (1 week ago)	2026-06-20T14:37:35.967206+12:00 southern wordpress(abrahamic.nz)[1115721]: Authentication attempt f ... show more 2026-06-20T14:37:35.967206+12:00 southern wordpress(abrahamic.nz)[1115721]: Authentication attempt for unknown user 654694041 from 209.50.165.143 ... show less	Hacking Web App Attack
🇳🇿 billyborsht	2026-06-19 00:35:12 (1 week ago)	2026-06-19T12:35:11.030311+12:00 southern wordpress(kate.frykberg.co.nz)[1049761]: Authentication at ... show more 2026-06-19T12:35:11.030311+12:00 southern wordpress(kate.frykberg.co.nz)[1049761]: Authentication attempt for unknown user system0 from 209.50.165.143 ... show less	Hacking Web App Attack
🇩🇪 iNetWorker	2026-06-18 14:10:36 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 dtorrer	2026-06-17 13:19:08 (1 week ago)	Brute-force general attack.	Brute-Force
🇬🇷 setupgr	2026-06-15 17:03:25 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 209.50.165.143: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 209.50.165.143: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 20:03:24.338176 2026] [security2:error] [pid 1917013:tid 1917189] [client 209.50.165.143:13263] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "setworldup.com"] [uri "/wp-login.php"] [unique_id "ajAwXEEA9pRZS3vlJ2utXAAAAJM"], referer: https://setworldup.com/wp-login.php show less	Port Scan
Anonymous	2026-06-15 14:53:12 (1 week ago)	Brute forcing Wordpress login	Hacking Web App Attack
🇪🇸 librebit	2026-05-17 04:38:01 (1 month ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-01-13 08:42:44 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 03:42:35.617299 2026] [security2:error] [pid 25476:tid 25476] [client 209.50.165.143:47087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "birascreekresort.com"] [uri "/.svn/wc.db"] [unique_id "aWYFe6aK8Z3Lkmb8Hohv1AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:01:41 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:01:36.646506 2025] [security2:error] [pid 26145:tid 26145] [client 209.50.165.143:42697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhsp.org"] [uri "/.svn/wc.db"] [unique_id "aSQe8HVEa7CZvy3X2GtvtAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:43:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:43:13.833364 2025] [security2:error] [pid 30933:tid 30933] [client 209.50.165.143:41695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.statisticsvignettes.com"] [uri "/.git/HEAD"] [unique_id "aSPwcXhJsmZUUL8X1m7UjgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:03:53 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:03:45.805412 2025] [security2:error] [pid 22739:tid 22739] [client 209.50.165.143:10525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.coinbracelet.com"] [uri "/.git/HEAD"] [unique_id "aSPZIa2evvMi2Fof17IlCwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:38:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:38:06.440831 2025] [security2:error] [pid 26814:tid 26814] [client 209.50.165.143:38197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "21north.com"] [uri "/.git/HEAD"] [unique_id "aSPTHqQKkdizfl-V3_KHuAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:54:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:54:20.779603 2025] [security2:error] [pid 11093:tid 11093] [client 209.50.165.143:56745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.adirondackwaterfront.com"] [uri "/.git/HEAD"] [unique_id "aSPI3BnupTKCYGX1OdiEuwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Rosh	2025-10-18 07:53:56 (8 months ago)	[10/18/25 09:53:56] SSH: authentication failure	Brute-Force SSH

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.112

🇩🇪 185.159.123.146

🇫🇮 147.185.133.135

🇬🇧 135.136.20.28

🇵🇱 94.152.61.226

🇩🇪 81.88.34.225

🇧🇬 79.124.40.138

🇮🇳 49.206.194.29

🇸🇬 47.84.110.81

🇷🇴 193.32.162.82

🇲🇽 189.178.86.243

🇺🇸 162.216.150.235

🇻🇳 123.31.20.162

🇳🇵 103.10.31.10

🇫🇷 85.217.140.43

🇫🇷 85.217.140.15

🇩🇪 84.233.216.173

🇮🇹 79.9.131.136

🇸🇪 20.240.51.74

🇺🇸 20.84.61.38