JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.173.165

209.50.173.165 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.173.165

Whois 209.50.173.165

IP Abuse Reports for 209.50.173.165:

This IP address has been reported a total of 24 times from 16 distinct sources. 209.50.173.165 was first reported on September 27th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LSPCCU	2026-06-03 20:24:30 (2 weeks ago)	TSEC Honeypot Network report. Threat score: 87/100. Categories: Hacking, Brute-Force, Web App Attack ... show more TSEC Honeypot Network report. Threat score: 87/100. Categories: Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 209. show less	Hacking Brute-Force Web App Attack SSH
🇬🇧 spamverify.com	2026-06-03 15:17:22 (2 weeks ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇨🇿 ddw	2026-05-31 04:42:55 (3 weeks ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇦🇺 HJ5Ss4Ju	2026-05-28 12:10:19 (3 weeks ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇲🇽 octageeks.com	2026-05-26 04:17:46 (3 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇽 octageeks.com	2026-05-24 04:13:19 (4 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 10:42:04 (4 weeks ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇺🇸 cyfordtechnologies.com	2026-05-02 10:26:46 (1 month ago)	High-abuse ASN prefix: 209.50. : Reported by Cyford API	Web App Attack
Anonymous	2026-03-09 18:21:51 (3 months ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2026-03-01 03:12:09 (3 months ago)	Forum/form spam	Web Spam
🇩🇪 403veli	2026-01-01 16:04:18 (5 months ago)	Confirmed malicious activity observed via T-Pot honeypot Observed 11 events on port 80 (unknown) fro ... show more Confirmed malicious activity observed via T-Pot honeypot Observed 11 events on port 80 (unknown) from 2026-01-01T16:04:18+00:00 to 2026-01-01T16:05:28.625000+00:00. Sample: {"src_ip": "209.50.173.165", "src_port": 17675, "dest_port": 80} show less	Port Scan
🇺🇸 TPI-Abuse	2025-11-24 04:43:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:43:10.128514 2025] [security2:error] [pid 18191:tid 18204] [client 209.50.173.165:14527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heartfailuredev.howiek.com"] [uri "/.svn/wc.db"] [unique_id "aSPiXvZQzvcLISeGO1EaTQAAAQE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:23:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.173.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.173.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:23:16.811859 2025] [security2:error] [pid 25129:tid 25129] [client 209.50.173.165:52087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.chateau-saleza-bruges.com"] [uri "/.svn/wc.db"] [unique_id "aSPdtEWTxSBRUg7L6pyYiQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 02:48:45 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 21:58:30 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:22:25	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2601:642:4c01:19b2:f0ee:ba84:c4fc:922c

🇦🇺 206.83.118.170

🇭🇰 193.176.211.170

🇺🇸 172.58.250.162

🇧🇩 103.183.62.2

🇨🇳 101.230.3.227

🇩🇪 69.5.169.151

🇺🇸 45.130.83.88

🇨🇳 36.213.0.140

🇺🇸 20.168.107.40

🇳🇱 176.65.132.17

🇨🇳 111.26.106.119

🇱🇻 95.182.80.111

🇺🇸 73.161.96.107

🇺🇸 66.132.172.225

🇨🇳 60.16.220.171

🇨🇳 58.209.82.184

🇬🇧 2a06:4880:c000::e8

🇺🇸 170.199.228.59

🇨🇳 115.211.217.161