JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.237.50

216.26.237.50 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.237.50

Whois 216.26.237.50

IP Abuse Reports for 216.26.237.50:

This IP address has been reported a total of 27 times from 16 distinct sources. 216.26.237.50 was first reported on September 26th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-23 09:14:32 (3 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Sklurk	2026-06-20 00:20:40 (6 days ago)	Web App Attack	Web App Attack
🇱🇻 garmtech.com	2026-05-20 18:14:26 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-14.216.26.237.50.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-14.216.26.237.50.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 MAGIC	2026-04-26 00:34:34 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-03-05 01:20:51 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇮 JimArchon72	2026-02-26 02:20:05 (4 months ago)	2026/02/26 02:15:13 "GET /wp-login.php HTTP/2.0"	Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:24:23 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:24:16.095865 2025] [security2:error] [pid 31244:tid 31244] [client 216.26.237.50:42851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tankercontrol.com"] [uri "/.env"] [unique_id "aSaPAMjqMVu2AU-GV2WxqQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:16 (7 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 08:43:29 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:20.074762 2025] [security2:error] [pid 12006:tid 12056] [client 216.26.237.50:57263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.condo.management"] [uri "/.svn/wc.db"] [unique_id "aSQaqEDKyspBjqfQ2lVV5AAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:39:10 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:39:04.214544 2025] [security2:error] [pid 11256:tid 11256] [client 216.26.237.50:44741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ashleycroft.com"] [uri "/.git/HEAD"] [unique_id "aSQLmARCg9WargPW_SMd_gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:27 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:14.774282 2025] [security2:error] [pid 28435:tid 28435] [client 216.26.237.50:56369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pilotchristmascards.com"] [uri "/.env"] [unique_id "aSQHLuDKlohwt2t0ycwJtQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:41:52 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:41:11.589896 2025] [security2:error] [pid 6457:tid 6457] [client 216.26.237.50:19685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.theillustrator.net"] [uri "/.git/HEAD"] [unique_id "aSPv9wOCSqKF2IVPzarYmwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:21 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:16.232168 2025] [security2:error] [pid 6285:tid 6285] [client 216.26.237.50:41561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.transportadoresaereos.com"] [uri "/.svn/wc.db"] [unique_id "aSPbXCNoXwUFqn9f8IFRhQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.45

🇸🇪 31.59.160.12

🇺🇸 216.25.89.152

🇺🇸 173.239.218.165

🇺🇸 162.216.149.228

🇺🇸 162.216.149.17

🇿🇦 102.130.49.150

🇫🇷 85.217.140.26

🇧🇬 79.124.62.134

🇧🇷 45.205.1.240

🇳🇱 20.56.1.201

🇺🇸 18.218.118.203

🇺🇸 216.25.89.95

🇨🇿 194.182.64.174

🇷🇴 193.32.162.84

🇫🇮 147.185.133.99

🇮🇳 122.187.225.78

🇨🇳 111.35.36.48

🇮🇳 103.118.35.22

🇳🇱 91.92.40.240