JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.254

216.26.250.254 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.254

Whois 216.26.250.254

IP Abuse Reports for 216.26.250.254:

This IP address has been reported a total of 19 times from 9 distinct sources. 216.26.250.254 was first reported on November 24th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-11 15:52:29 (21 hours ago)	216.26.250.254 - - [11/Jun/2026:17:52:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.250.254 - - [11/Jun/2026:17:52:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:120.0) Gecko/20100101 Firefox/120.0" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 19:25:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 14:24:56.975613 2026] [security2:error] [pid 3709:tid 3709] [client 216.26.250.254:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.git/HEAD"] [unique_id "aV6zCMZWK-2o0UQwgbPW6QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 ipidentify	2026-01-07 18:24:23 (5 months ago)	2026-01-07T18:24:23Z GET /.env	Web App Attack
Anonymous	2026-01-05 20:21:12 (5 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇭🇷 IgorS.zg.hr	2025-12-30 11:27:08 (5 months ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 10:59:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:59:12.998933 2025] [security2:error] [pid 4951:tid 4951] [client 216.26.250.254:17065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aliciagrant.com"] [uri "/.git/HEAD"] [unique_id "aVOwgFojpEmg2Cr0bQrXhQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:34:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:33:57.510667 2025] [security2:error] [pid 28955:tid 28955] [client 216.26.250.254:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nursetammytalks.com"] [uri "/.git/HEAD"] [unique_id "aVIg1YwuMBPyFylUP5AiTwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:07:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:07:23.608292 2025] [security2:error] [pid 17350:tid 17350] [client 216.26.250.254:60029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leannadsweeney.com"] [uri "/.env"] [unique_id "aVIMi5UmgO9-fAXmGkzvPwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:06:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:06:08.615896 2025] [security2:error] [pid 13834:tid 13834] [client 216.26.250.254:28541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marketask.com"] [uri "/.svn/wc.db"] [unique_id "aVH-MKSqDYYyKxs8rWLwMgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:23:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:23:14.502914 2025] [security2:error] [pid 17985:tid 17985] [client 216.26.250.254:60331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weroinc.com"] [uri "/.env"] [unique_id "aVH0IpCLDX8kbrsasRR2dwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ManagedStack	2025-12-29 01:30:04 (5 months ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-27 23:10:11 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 18:25:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:24:55.959790 2025] [security2:error] [pid 12540:tid 12540] [client 216.26.250.254:18479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "retiredexecutivetravel.com"] [uri "/.env"] [unique_id "aVAkd5ioKlnWWnVrlVsipgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2025-11-25 15:23:01 (6 months ago)	Web App Attack	Web App Attack
🇱🇻 garmtech.com	2025-11-24 12:01:21 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.87.104

🇬🇧 193.163.125.3

🇰🇿 188.124.235.99

🇺🇿 185.139.138.152

🇷🇺 176.112.128.143

🇷🇺 171.22.135.229

🇺🇸 162.216.150.108

🇸🇬 159.223.51.2

🇯🇵 139.162.117.40

🇺🇸 97.187.51.44

🇳🇱 91.92.42.7

🇬🇧 35.203.210.253

🇺🇸 20.64.104.94

🇯🇵 8.221.139.48

🇺🇿 213.230.93.94

🇷🇺 176.59.33.222

🇺🇸 172.110.223.183

🇫🇮 147.185.133.149

🇫🇮 147.185.133.56

🇺🇸 147.185.132.49