JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.252.250

216.26.252.250 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.252.250

Whois 216.26.252.250

IP Abuse Reports for 216.26.252.250:

This IP address has been reported a total of 14 times from 4 distinct sources. 216.26.252.250 was first reported on November 25th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 03:30:08 (1 day ago)	Web App Attack	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-11 02:11:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 21:11:26.585601 2025] [security2:error] [pid 2841:tid 2841] [client 216.26.252.250:31013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smokeydoesit.com"] [uri "/.env"] [unique_id "aTooTgiCz0kzMpeoblPwcgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 01:55:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:55:22.751995 2025] [security2:error] [pid 26255:tid 26255] [client 216.26.252.250:30557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matchsticbranding.com"] [uri "/.svn/wc.db"] [unique_id "aTjTCll267_6xPBK88uS9AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 20:16:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 15:16:25.667635 2025] [security2:error] [pid 15333:tid 15333] [client 216.26.252.250:16623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frankpollicino.com"] [uri "/.svn/wc.db"] [unique_id "aTiDmW7lwGzu43-kxErRxgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 07:04:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 02:04:28.971134 2025] [security2:error] [pid 11140:tid 11140] [client 216.26.252.250:49635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fusionrep.com"] [uri "/.svn/wc.db"] [unique_id "aTZ4fHqDBAbc85ZZXtZJogAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:37:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:37:26.689506 2025] [security2:error] [pid 15150:tid 15161] [client 216.26.252.250:41157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raxelon.com"] [uri "/.env"] [unique_id "aTJTdkYyIIZCNeLEf7c35gAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:54:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:54:33.272270 2025] [security2:error] [pid 5260:tid 5260] [client 216.26.252.250:37035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dannyvanryswyk.com"] [uri "/.env"] [unique_id "aSbqeXBhxbCaUQH50OK3_AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:30:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:30:30.985116 2025] [security2:error] [pid 16934:tid 16974] [client 216.26.252.250:34093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.monopostoyachts.com"] [uri "/.env"] [unique_id "aSbWxhKESCEx-WKRVnuD_QAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:09:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:09:45.798861 2025] [security2:error] [pid 14932:tid 14932] [client 216.26.252.250:14677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.title-26.com"] [uri "/.env"] [unique_id "aSbR6YgWdNGgm82HRxeH_gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:40:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:40:20.895832 2025] [security2:error] [pid 6477:tid 6477] [client 216.26.252.250:19769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bonnesfrequences.com"] [uri "/.git/HEAD"] [unique_id "aSag1Mek3qHJ4WRZE60sQwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:12:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:12:16.661821 2025] [security2:error] [pid 30261:tid 30261] [client 216.26.252.250:33523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bluegrassexpressband.com"] [uri "/.git/HEAD"] [unique_id "aSZF4Pa0hs_1JmR-JEu6zQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:37:42 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:31:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:31:43.363553 2025] [security2:error] [pid 17064:tid 17064] [client 216.26.252.250:50495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.beachweddinginvites.com"] [uri "/.svn/wc.db"] [unique_id "aSUjH7Yr4vwQiTm5Ho5-SgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 184.105.139.67

🇧🇬 79.124.62.126

🇺🇸 44.201.192.233

🇨🇳 183.167.234.154

🇩🇪 157.230.18.133

🇫🇮 147.185.133.67

🇮🇳 113.193.234.210

🇨🇳 42.233.102.138

🇳🇵 202.70.78.237

🇩🇪 167.94.146.68

🇨🇲 154.70.102.114

🇮🇳 122.168.3.115

🇨🇳 117.176.220.76

🇨🇳 116.25.249.117

🇨🇳 115.190.160.80

🇻🇳 113.161.222.150

🇳🇱 172.94.9.160

🇩🇪 167.94.146.35

🇯🇵 103.163.220.26

🇫🇷 89.116.31.97