JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.148

216.26.250.148 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.148

Whois 216.26.250.148

IP Abuse Reports for 216.26.250.148:

This IP address has been reported a total of 14 times from 8 distinct sources. 216.26.250.148 was first reported on October 11th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 17:25:42 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 Oakley	2026-02-17 23:15:00 (3 months ago)	Bad bot	Bad Web Bot
🇺🇸 Vano Ganzzz	2025-12-21 02:58:18 (5 months ago)	Triggered Cloudflare WAF (l7ddos) from CA. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from CA. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2025-12-21T02:58:18Z Ray ID: 9b141df09d81abac UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 06:13:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:13:13.024066 2025] [security2:error] [pid 8038:tid 8038] [client 216.26.250.148:13155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tylerdroneservices.com"] [uri "/.git/HEAD"] [unique_id "aSVI-dnXYdxmPxQIHNfthQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:59:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:59:42.242806 2025] [security2:error] [pid 7855:tid 7855] [client 216.26.250.148:19229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nlc-calumet.org"] [uri "/.svn/wc.db"] [unique_id "aSU3vv_-YvtwMFChklMpXQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:14:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:56.553894 2025] [security2:error] [pid 6614:tid 6614] [client 216.26.250.148:40111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.eta-mct.com"] [uri "/.env"] [unique_id "aSUtBN8HFM0C9KBd_FwuFAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:58:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:58:01.908602 2025] [security2:error] [pid 13754:tid 13781] [client 216.26.250.148:19515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.progenicyte.com"] [uri "/.git/HEAD"] [unique_id "aSUpSaITODRS1uMOGv8wCQAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:35:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:35:35.829991 2025] [security2:error] [pid 17235:tid 17235] [client 216.26.250.148:35077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.saintlouiscentral.com"] [uri "/.svn/wc.db"] [unique_id "aSUV9wT4LqrBcBZ1_A2-DQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:10:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:47.151261 2025] [security2:error] [pid 27090:tid 27090] [client 216.26.250.148:43599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.sbodyworkbychris.com"] [uri "/.env"] [unique_id "aSUQJ-JeHospkLoEnAsiqQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:19:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:19:20.401002 2025] [security2:error] [pid 6168:tid 6168] [client 216.26.250.148:15191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.adm-sal.com"] [uri "/.env"] [unique_id "aSUEGMebr9XJzerbJkDQsgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 21:02:17 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:22:09	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-30 14:12:08 (7 months ago)	WordPress Brute Force	Brute-Force
🇦🇺 AWW-Admin	2025-10-29 16:04:23 (7 months ago)	(wordpress) Failed wordpress login from 216.26.250.148 (CA/Canada/-)	Brute-Force
🇫🇷 Sklurk	2025-10-11 07:04:01 (8 months ago)	Web App Attack	Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 203.25.108.77

🇨🇳 180.76.137.24

🇺🇸 66.132.195.47

🇳🇱 205.147.16.200

🇺🇸 91.230.168.150

🇮🇹 87.11.222.150

🇬🇧 84.233.251.5

🇮🇱 84.110.134.26

🇱🇺 64.89.161.184

🇨🇦 52.138.38.186

🇳🇱 45.148.10.157

🇺🇸 20.64.105.251

🇳🇱 204.76.203.231

🇻🇪 201.249.193.193

🇳🇱 190.2.148.182

🇳🇱 185.226.197.42

🇬🇧 185.56.45.163

🇺🇸 170.39.185.13

🇺🇸 162.243.92.74

🇺🇸 137.184.50.154