JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.50

216.26.248.50 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.50

Whois 216.26.248.50

IP Abuse Reports for 216.26.248.50:

This IP address has been reported a total of 15 times from 8 distinct sources. 216.26.248.50 was first reported on October 17th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-12 02:30:44 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-05-23 01:33:14 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-05-19 21:36:40 (4 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇳 ThreatBook.io	2026-04-20 01:15:21 (1 month ago)	ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/216.26.248.50 2026-04-19 02:28 ... show more ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/216.26.248.50 2026-04-19 02:28:39 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇨🇳 ThreatBook.io	2026-03-20 01:29:52 (2 months ago)	ThreatBook Intelligence: vpn_proxy,Spam more details on https://threatbook.io/ip/216.26.248.50 2026- ... show more ThreatBook Intelligence: vpn_proxy,Spam more details on https://threatbook.io/ip/216.26.248.50 2026-03-19 04:37:53 /base/post.php,{"body":"act=appcode","content_type":"application/x-www-form-urlencoded","header":{"Accept":["application/x-shockwave-flash, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, /"],"Accept-Encoding":["identity"],"Accept-Language":["zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3"],"Content-Length":["11"],"Content-Type":["application/x-www-form-urlencoded"],"Dnt":["1"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Chrome/23.0.1271.64 Safari/537.11"]},"host":"39.129.113.77:9224","method":"POST","proto":"HTTP/1.1","remote_addr":"216.26.248.50:50885","status_code":200,"url":"/base/post.php","user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Chrome/23.0.1271.64 Safari/537.11"} show less	Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 COMPLEX	2025-12-14 23:07:46 (6 months ago)	Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 21:13:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:13:23.641819 2025] [security2:error] [pid 22365:tid 22365] [client 216.26.248.50:42975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dvdmasters.com"] [uri "/.env"] [unique_id "aSi-82zc0PwSrUg1KPLLqgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 20:57:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:57:38.211667 2025] [security2:error] [pid 1855409:tid 1855471] [client 216.26.248.50:32897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dejacats.com"] [uri "/.env"] [unique_id "aSi7QgidCSmP-2dT7Vp7VwAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:36:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:36:40.457501 2025] [security2:error] [pid 20793:tid 20793] [client 216.26.248.50:55383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.personalizednapkins.com"] [uri "/.svn/wc.db"] [unique_id "aSUkSIVCWH5Hmr1XetGWNAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:08:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:08:51.227622 2025] [security2:error] [pid 28580:tid 28580] [client 216.26.248.50:30101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.asisecuresystems.com"] [uri "/.env"] [unique_id "aSUdw1b241zsqI6zVeNVYQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:07.490915 2025] [security2:error] [pid 3059:tid 3059] [client 216.26.248.50:28085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hi-niemczuras.net"] [uri "/.git/HEAD"] [unique_id "aSUOHwH8N2drm_hSpvvAcwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:17:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:17:38.622281 2025] [security2:error] [pid 25517:tid 25517] [client 216.26.248.50:43067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.surviquo.com"] [uri "/.git/HEAD"] [unique_id "aST1oi0ifXyFpthjtYRQFwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Nick Lewis	2025-10-17 23:37:25 (8 months ago)	216.26.248.50 (TH/Thailand/-), 5 distributed sshd attacks on account [redacted]	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.172.177

🇺🇸 2607:f8b0:4004:1000::128

🇧🇷 205.210.31.208

🇳🇱 185.213.174.141

🇺🇸 44.245.225.29

🇨🇴 2001:4860:7:1206::f6

🇺🇦 176.109.10.49

🇦🇫 149.54.62.22

🇨🇳 121.228.126.172

🇨🇳 120.230.23.231

🇺🇸 45.79.207.129

🇬🇧 35.203.211.56

🇫🇷 5.135.4.149

🇬🇪 2.57.217.229

🇨🇳 223.89.221.191

🇺🇸 207.182.24.16

🇺🇸 147.185.132.171

🇹🇼 123.195.208.111

🇻🇳 123.17.250.222

🇮🇳 122.187.240.209