JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.249

216.26.250.249 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.249

Whois 216.26.250.249

IP Abuse Reports for 216.26.250.249:

This IP address has been reported a total of 5 times from 3 distinct sources. 216.26.250.249 was first reported on October 16th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-05 20:36:52 (5 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 06:13:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:13:20.978239 2025] [security2:error] [pid 28814:tid 28814] [client 216.26.250.249:37747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.qualtacon.com"] [uri "/.git/HEAD"] [unique_id "aSP3gEkJ_bPuhyrhXapr5QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:40:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:40:23.636746 2025] [security2:error] [pid 3303659:tid 3303659] [client 216.26.250.249:57853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.vfflag.info"] [uri "/.env"] [unique_id "aSPht_2xGA2-6xL4yb5zegAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:21:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:21:42.404068 2025] [security2:error] [pid 10544:tid 10544] [client 216.26.250.249:20365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.arnebowman.com"] [uri "/.svn/wc.db"] [unique_id "aSPdVvZlBzQF76kULNHAwwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bsoft.de	2025-10-16 06:20:23 (7 months ago)	216.26.250.249 - - [16/Oct/2025:08:20:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 ... show more 216.26.250.249 - - [16/Oct/2025:08:20:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 216.26.250.249 - - [16/Oct/2025:08:20:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36" 216.26.250.249 - - [16/Oct/2025:08:20:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (iPad; CPU OS 11_2_5 like Mac OS X) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0 Mobile/15D60 Safari/604.1" show less	Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 217.117.166.231

🇫🇷 82.102.18.118

🇺🇸 67.207.87.210

🇩🇪 185.216.179.51

🇳🇱 176.65.139.41

🇮🇶 150.228.104.246

🇮🇳 117.245.141.249

🇨🇳 117.48.218.234

🇨🇳 111.9.22.102

🇺🇸 74.125.150.167

🇸🇬 68.183.178.130

🇮🇳 64.227.167.16

🇺🇸 50.116.72.11

🇩🇪 213.209.159.235

🇺🇸 159.223.134.196

🇵🇱 91.228.33.140

🇧🇪 66.249.93.228

🇮🇳 52.140.76.154

🇯🇴 2a01:9700:3292:ee00:2c11:58bc:9eb9:f53a

🇰🇪 197.248.15.98