JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.20

216.26.250.20 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.20

Whois 216.26.250.20

IP Abuse Reports for 216.26.250.20:

This IP address has been reported a total of 17 times from 7 distinct sources. 216.26.250.20 was first reported on October 3rd 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-23 08:39:14 (2 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇸🇬 WinnieHoneypots	2026-05-12 19:26:57 (3 weeks ago)	Crappy bot probing nonexistent /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-31 13:05:14 (5 months ago)	wordpress-trap	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:53 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-11 03:11:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 22:11:06.557084 2025] [security2:error] [pid 14111:tid 14111] [client 216.26.250.20:23193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ziccardiart.com"] [uri "/.env"] [unique_id "aTo2SqYTDNoTucw_LEGHOQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 04:58:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 23:58:29.663551 2025] [security2:error] [pid 15847:tid 15847] [client 216.26.250.20:54167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howelllands.com"] [uri "/.git/HEAD"] [unique_id "aTesdYE7FqssiiMGmsocDQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 06:21:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 01:20:47.835860 2025] [security2:error] [pid 12496:tid 12496] [client 216.26.250.20:29533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schonuniverse.com"] [uri "/.env"] [unique_id "aTZuPwCbhzJOVWiH9hU6zgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:46:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:46:19.084089 2025] [security2:error] [pid 11182:tid 11182] [client 216.26.250.20:39921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyclingboardgames.net"] [uri "/.git/HEAD"] [unique_id "aTQlm_7dSogMeI1AnznbRgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:08:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:08:52.560752 2025] [security2:error] [pid 29408:tid 29411] [client 216.26.250.20:14395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebiglies.net"] [uri "/.svn/wc.db"] [unique_id "aTQc1IXNAVSfk1vavsR86AAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:50:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:50:46.910867 2025] [security2:error] [pid 9821:tid 9821] [client 216.26.250.20:11977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "willowcreekretreathouse.com"] [uri "/.env"] [unique_id "aTKq9vQKvfG8l-heHU32wgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:44:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:44:01.109090 2025] [security2:error] [pid 30832:tid 30832] [client 216.26.250.20:52491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pleasantridgeorganicfarm.com"] [uri "/.svn/wc.db"] [unique_id "aTJ_MYGNpwYLnlc8HrYbaQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:55:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:55:44.341351 2025] [security2:error] [pid 20188:tid 20188] [client 216.26.250.20:58467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billymitchell.com"] [uri "/.env"] [unique_id "aTJz4EUKYNAVui08pV-3ywAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:35:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:35:44.574808 2025] [security2:error] [pid 19305:tid 19305] [client 216.26.250.20:23843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newcitypark.com"] [uri "/.svn/wc.db"] [unique_id "aTJvMOiqNaEW5ixnAFyrFgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:01:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:00:25.030516 2025] [security2:error] [pid 14359:tid 14359] [client 216.26.250.20:51721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bridalshowernapkins.com"] [uri "/.git/HEAD"] [unique_id "aTIuqSQztawJBL8mQp_pygAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-22 21:19:04 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 216.26.250.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 22 16:18:59.040827 2025] [security2:error] [pid 31323:tid 31323] [client 216.26.250.20:48081] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|admin.turedinmobiliaria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSIow1qlflGsjsGHTFNSxAAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 183.82.111.224

🇭🇰 152.32.132.28

🇺🇸 207.90.244.17

🇧🇷 205.210.31.205

🇺🇸 174.254.254.17

🇵🇰 119.73.100.210

🇷🇴 91.211.87.106

🇺🇸 76.50.16.195

🇧🇷 45.205.1.67

🇭🇰 45.142.154.10

🇸🇬 43.173.177.246

🇺🇸 35.231.146.137

🇬🇧 35.203.211.228

🇬🇧 35.203.210.83

🇰🇷 1.214.214.114

🇮🇪 2a05:d018:10df:d401:a913:3b63:d3f3:512e

🇧🇷 177.16.244.39

🇳🇱 176.65.148.2

🇺🇸 162.216.150.79

🇺🇸 147.185.132.255