JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.165.85.250

213.165.85.250 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 37%: ?

37%

ISP	IONOS SE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8560
Hostname(s)	ip213-165-85-250.pbiaas.com
Domain Name	ionos.com
Country	🇪🇸 Spain
City	Logrono, La Rioja

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.165.85.250

Whois 213.165.85.250

IP Abuse Reports for 213.165.85.250:

This IP address has been reported a total of 7 times from 7 distinct sources. 213.165.85.250 was first reported on June 3rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rdpguard.com	2026-06-12 01:51:11 (1 week ago)	RdpGuard detected brute-force attempt on ASP.NET Web Forms	Brute-Force
🇨🇿 ptlab	2026-06-12 00:45:43 (1 week ago)	Detected php_null_array_access attack from WP-host.	Hacking Web App Attack
🇹🇼 kk_it_man	2026-06-12 00:33:02 (1 week ago)	ET WEB_SERVER /etc/passwd Detected in URI ET WEB_SERVER Script tag in URI Possible Cross Site Scri ... show more ET WEB_SERVER /etc/passwd Detected in URI ET WEB_SERVER Script tag in URI Possible Cross Site Scripting Attempt GPL WEB_SERVER 403 Forbidden show less	Port Scan
🇨🇦 Julio Covolato	2026-06-10 01:55:01 (1 week ago)	Imap or Submission login brute-force attacks.	Brute-Force
Anonymous	2026-06-09 16:56:06 (1 week ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 23:04:58 (2 weeks ago)	(mod_security) mod_security (id:211190) triggered by 213.165.85.250 (ip213-165-85-250.pbiaas.com): 1 ... show more (mod_security) mod_security (id:211190) triggered by 213.165.85.250 (ip213-165-85-250.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:04:54.124094 2026] [security2:error] [pid 28930:tid 28930] [client 213.165.85.250:50112] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.thesalonx.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /shop/?srsltid=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thesalonx.com"] [uri "/shop/"] [unique_id "aiX5Fr7mulAaIDMx6ureNQAAAAg"], referer: https://www.thesalonx.com/shop/?srsltid=/etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 13:20:14 (2 weeks ago)	[03/Jun/2026:16:20:13 +0300] 178049281359.228671 213.165.85.250 55058 148.251.76.218 443 [03/Jun/202 ... show more [03/Jun/2026:16:20:13 +0300] 178049281359.228671 213.165.85.250 55058 148.251.76.218 443 [03/Jun/2026:16:20:13 +0300] 178049281336.609239 213.165.85.250 55058 148.251.76.218 443 show less	Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.181.172.244

🇩🇪 139.19.117.197

🇹🇷 45.139.198.110

🇭🇰 152.32.169.155

🇺🇸 136.175.102.90

🇰🇷 112.158.200.53

🇵🇰 103.151.46.74

🇺🇸 65.49.1.13

🇭🇰 47.242.144.15

🇪🇸 212.227.99.59

🇷🇴 193.32.162.34

🇳🇱 176.65.139.56

🇳🇱 81.19.216.100

🇺🇸 67.144.224.41

🇹🇷 45.139.198.170

🇨🇳 218.77.108.127

🇭🇰 199.45.155.82

🇨🇳 183.233.187.138

🇮🇳 103.113.39.133

🇳🇱 91.92.42.147