JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.34

216.26.250.34 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.34

Whois 216.26.250.34

IP Abuse Reports for 216.26.250.34:

This IP address has been reported a total of 18 times from 12 distinct sources. 216.26.250.34 was first reported on October 27th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-11 01:47:17 (6 hours ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇱🇻 garmtech.com	2026-03-08 17:38:46 (3 months ago)	IM360 WAF: WordPress malicious plugin install block MV:dummy-plugin.zip	Web App Attack
🇪🇸 el-brujo	2026-02-25 03:21:36 (3 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: CA Method: POST Timestamp: 2026-02-25T03:21:36Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇪 Jim Keir	2026-02-18 23:23:52 (3 months ago)	2026-02-18 23:23:51 216.26.250.34 File scanning, blocking 216.26.250.34 for 5 minutes	Web App Attack
🇨🇭 TheCoon	2026-02-18 15:45:01 (3 months ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇩🇪 iNetWorker	2026-02-18 13:05:20 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇧🇾 lns.bz	2026-02-18 11:52:17 (3 months ago)	.env scanning [BY]	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:06:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:05:57.503553 2025] [security2:error] [pid 6572:tid 6572] [client 216.26.250.34:35409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fairytaleinvitations.com"] [uri "/.git/HEAD"] [unique_id "aS9GpZMnkkhuqRQ0fcOBdgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:33:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:33:37.721884 2025] [security2:error] [pid 5909:tid 5909] [client 216.26.250.34:45553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mickbarton.com"] [uri "/.git/HEAD"] [unique_id "aS8G0T0tQGljyO79_FxZaQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:23:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:23:18.019532 2025] [security2:error] [pid 7062:tid 7062] [client 216.26.250.34:47073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lordhari.com"] [uri "/.env"] [unique_id "aS6h9qM_TQykfQYwWjgMgAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:02:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:02:40.085280 2025] [security2:error] [pid 23314:tid 23314] [client 216.26.250.34:22561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owengmail.com"] [uri "/.svn/wc.db"] [unique_id "aS6dIGednWNTpfs8x9JUZQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:57:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:57:28.969190 2025] [security2:error] [pid 31225:tid 31225] [client 216.26.250.34:35769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comunicacion.com"] [uri "/.git/HEAD"] [unique_id "aS6N2ICXfICZgXG04L-2LAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:08:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:08:49.491181 2025] [security2:error] [pid 16647:tid 16647] [client 216.26.250.34:19855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ubuciko.com"] [uri "/.env"] [unique_id "aS6CcbUs_nsjcdF4GTfR0AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 18:03:55 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/13 12:02:09	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-09 16:30:44 (7 months ago)	Failed login attempt detected by Fail2Ban in plesk-panel jail	Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.91

🇺🇸 132.196.32.68

🇮🇳 115.96.31.238

🇨🇳 221.214.56.78

🇩🇪 209.38.236.225

🇺🇸 184.105.247.243

🇨🇳 118.145.144.95

🇱🇰 112.134.188.78

🇻🇳 103.154.62.14

🇨🇳 58.212.237.179

🇺🇸 35.224.254.204

🇬🇧 35.203.211.112

🇺🇸 20.163.32.78

🇸🇬 8.219.102.103

🇺🇸 216.25.89.132

🇮🇱 199.203.130.66

🇨🇱 186.10.86.130

🇺🇸 73.57.80.193

🇺🇸 66.132.195.26

🇺🇸 66.132.186.190