JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.165.148

209.50.165.148 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.165.148

Whois 209.50.165.148

IP Abuse Reports for 209.50.165.148:

This IP address has been reported a total of 21 times from 13 distinct sources. 209.50.165.148 was first reported on September 27th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Carsten	2026-06-07 19:49:24 (1 week ago)	GET [backup.sql.zip]	Port Scan
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇸🇪 SkyDancer	2026-01-29 11:33:41 (4 months ago)	Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by ... show more Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by SkyDancer Ai via interface. show less	Hacking Brute-Force SSH
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:51 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-08 14:10:52 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-12-03 16:00:53 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 19:40:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:40:15.788659 2025] [security2:error] [pid 7901:tid 7922] [client 209.50.165.148:20827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesandbrown.com"] [uri "/.svn/wc.db"] [unique_id "aSipH8t7mtXOwy1hyYEDVQAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:26:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:26:39.845118 2025] [security2:error] [pid 29603:tid 29603] [client 209.50.165.148:18295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ryanc.net"] [uri "/.git/HEAD"] [unique_id "aSP6n1Qj_O3KYOrPk8Am0gAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:37:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.165.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:37:35.554069 2025] [security2:error] [pid 7265:tid 7265] [client 209.50.165.148:35637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mesaparaseis.com"] [uri "/.git/HEAD"] [unique_id "aSPvH5Wxkg4Yz6AlVcALUgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:57:08 (7 months ago)	attempts to hack passwords	Brute-Force Web App Attack
Anonymous	2025-11-13 23:23:03 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇮 as211431.net	2025-11-09 14:30:12 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-02 20:19:50 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:10:47	Port Scan Brute-Force Exploited Host Web App Attack
🇨🇦 wil.com	2025-10-18 12:02:25 (7 months ago)	GlobalProtect login attempts with user rubenray.	VPN IP Brute-Force
Anonymous	2025-10-18 02:56:00 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.113.47.155

🇭🇰 172.253.5.30

🇩🇪 69.5.169.173

🇮🇳 34.14.214.227

🇧🇷 20.226.121.186

🇷🇺 176.112.128.143

🇸🇪 171.25.158.70

🇨🇦 165.227.39.235

🇺🇸 157.245.113.227

🇮🇳 103.59.132.160

🇳🇱 45.148.10.121

🇨🇦 216.26.242.170

🇧🇩 115.127.182.254

🇮🇳 103.248.120.6

🇨🇾 93.109.23.4

🇺🇸 216.218.206.73

🇮🇩 210.210.155.71

🇬🇧 185.247.137.49

🇻🇳 171.225.193.80

🇺🇸 165.154.36.105