JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.50.168.105

209.50.168.105 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.50.168.105

Whois 209.50.168.105

IP Abuse Reports for 209.50.168.105:

This IP address has been reported a total of 23 times from 12 distinct sources. 209.50.168.105 was first reported on September 26th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 mnsf	2026-02-16 02:05:53 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇳🇿 FaB Property Group	2026-02-16 00:55:56 (4 months ago)	Requested file: vendor/autoload.php	Web App Attack
🇨🇦 TechnoSolutions CL	2026-02-15 12:41:14 (4 months ago)	209.50.168.105 - - [15/Feb/2026:12:41:13 +0000] "GET /wp/.git/config HTTP/1.1" 301 162 "-" "Mozilla/ ... show more 209.50.168.105 - - [15/Feb/2026:12:41:13 +0000] "GET /wp/.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 209.50.168.105 - - [15/Feb/2026:12:41:13 +0000] "GET /test/.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 03:55:03 (4 months ago)	Bot / scanning and/or hacking attempts: GET /.env.local HTTP/1.1, GET /test/.git/config HTTP/1.1, GE ... show more Bot / scanning and/or hacking attempts: GET /.env.local HTTP/1.1, GET /test/.git/config HTTP/1.1, GET /site/.git/config HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /wp/.git/config HTTP/1.1, GET /app/.git/config HTTP/1.1, GET /backend/.env HTTP/1.1, GET /.git/config HTTP/1.1, GET /backup/.git/config HTTP/1.1, GET /api/.git/config HTTP/1.1, GET /v2/.git/config HTTP/1.1, GET /dev/.git/config HTTP/1.1, GET /admin/.git/config HTTP/1.1, GET /new/.git/config HTTP/1.1, GET /frontend/.env HTTP/1.1, GET /config/.env HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-15 01:05:47 (4 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇨🇭 Origon	2026-02-14 22:45:27 (4 months ago)	http-sensitive-files - IP: 209.50.168.105 - time="2026-02-14T23:45:27+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 209.50.168.105 - time="2026-02-14T23:45:27+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 209.50.168.105 (US/200373) : 4h ban on Ip 209.50.168.105" module=db show less	Web App Attack
🇺🇸 myagent.site	2026-02-14 22:30:32 (4 months ago)	Blocking for trying to access an exploit file: /v2/.git/config	Hacking
🇫🇷 dynamix	2026-02-14 21:48:41 (4 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-11-28 22:22:49 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.28 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.28 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 06:34:10 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:34:05.057436 2025] [security2:error] [pid 18192:tid 18247] [client 209.50.168.105:56485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.plumberw9.com"] [uri "/.svn/wc.db"] [unique_id "aSP8XSagYJ-Jn6Tmn4s-awAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:50:28 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 209.50.168.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 209.50.168.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:50:23.392520 2025] [security2:error] [pid 17602:tid 17602] [client 209.50.168.105:60379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ospreylake.org"] [uri "/.svn/wc.db"] [unique_id "aSPkD3cu-QU9-w_uXXFkdAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 04:06:28 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-13 23:58:46 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-11 04:00:06 (7 months ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:feda:f39d:c75e:f381:628d:f68a:2e28

🇰🇷 222.121.250.203

🇫🇮 193.66.151.86

🇬🇧 185.216.145.171

🇨🇳 183.134.92.191

🇨🇳 180.76.172.156

🇫🇮 147.185.133.85

🇺🇸 137.184.95.216

🇮🇩 110.35.80.116

🇸🇬 104.207.76.183

🇺🇸 66.132.195.38

🇺🇸 66.132.172.41

🇺🇸 64.62.156.93

🇸🇬 45.197.12.65

🇺🇸 45.132.227.60

🇧🇪 34.77.38.180

🇦🇺 34.40.145.110

🇨🇳 27.8.44.168

🇧🇷 20.226.81.217

🇺🇸 216.73.163.54