JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.250.59

216.26.250.59 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.250.59

Whois 216.26.250.59

IP Abuse Reports for 216.26.250.59:

This IP address has been reported a total of 12 times from 7 distinct sources. 216.26.250.59 was first reported on October 13th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 00:13:14 (2 days ago)	Web App Attack	Web App Attack
🇺🇸 lostswordfish.com	2026-05-22 20:28:03 (4 weeks ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇵🇱 sefinek.net	2025-12-31 00:34:14 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 08:58:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:58:28.897480 2025] [security2:error] [pid 8711:tid 8711] [client 216.26.250.59:16551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.splashstation.org"] [uri "/.env"] [unique_id "aSbBNDyXcs9lkxth9_FYjQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:18:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:18:37.161638 2025] [security2:error] [pid 2198742:tid 2198742] [client 216.26.250.59:56075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bccworldmedia.com"] [uri "/.svn/wc.db"] [unique_id "aSZVbZZ23VI7RS1LlqLcGgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:38:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:37:55.592650 2025] [security2:error] [pid 16029:tid 16029] [client 216.26.250.59:25137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.muebleriamac.com"] [uri "/.git/HEAD"] [unique_id "aSZL47LPKHweXs612_5uzwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:42:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:42:44.245312 2025] [security2:error] [pid 31019:tid 31019] [client 216.26.250.59:58585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mentalmolecule.com"] [uri "/.svn/wc.db"] [unique_id "aSUXpBW9FdNnM85bQ9zTkAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:03:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:03:31.178190 2025] [security2:error] [pid 23316:tid 23316] [client 216.26.250.59:13543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.visage-nico.com"] [uri "/.env"] [unique_id "aSUAY38FAGj4mUe91pJTBQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:13:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.250.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:13:26.569592 2025] [security2:error] [pid 9922:tid 9922] [client 216.26.250.59:42887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.macallanmitchell.macryder.com"] [uri "/.svn/wc.db"] [unique_id "aSPpdvBipNE6Ragk72cEqAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 19:12:36 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/13 13:11:22	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-27 22:27:14 (7 months ago)	216.26.250.59 - - [27/Oct/2025:23:27:13 +0100] "GET /wp-login.php HTTP/1.1" 403 4949 "-" "Mozilla/5. ... show more 216.26.250.59 - - [27/Oct/2025:23:27:13 +0100] "GET /wp-login.php HTTP/1.1" 403 4949 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" ... show less	Web App Attack
🇪🇸 10dencehispahard SL	2025-10-13 05:33:18 (8 months ago)	WP probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.110

🇰🇪 197.248.34.233

🇮🇹 185.31.65.225

🇳🇱 176.65.139.231

🇺🇸 172.58.240.63

🇭🇰 165.154.42.209

🇺🇸 147.185.132.112

🇨🇳 120.55.180.250

🇨🇳 115.190.166.75

🇨🇳 115.190.127.7

🇧🇩 103.154.158.70

🇺🇸 66.181.36.86

🇫🇷 62.169.20.98

🇺🇸 47.143.208.202

🇧🇷 205.210.31.215

🇳🇱 176.65.139.181

🇨🇳 171.114.141.27

🇺🇸 141.11.88.13

🇨🇳 111.225.148.205

🇫🇷 90.63.199.41