JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.224.225

216.26.224.225 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.224.225

Whois 216.26.224.225

IP Abuse Reports for 216.26.224.225:

This IP address has been reported a total of 23 times from 15 distinct sources. 216.26.224.225 was first reported on September 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-31 16:07:18 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 cyfordtechnologies.com	2026-03-22 15:58:24 (2 months ago)	High-abuse ASN prefix: 216.26. : Reported by Cyford API	Web App Attack
🇺🇸 octageeks.com	2026-03-13 04:08:34 (2 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇫🇷 ingroscart.it	2026-01-14 22:15:14 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 216.26.224.225 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-01-13 12:35:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:21.429642 2026] [security2:error] [pid 19329:tid 19329] [client 216.26.224.225:13915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "articulaterecords.com"] [uri "/.env"] [unique_id "aWY8Cd4xPEl8LFfguM2MKgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-14 07:23:23 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 08:36:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:36:13.396707 2025] [security2:error] [pid 25689:tid 25689] [client 216.26.224.225:11501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.worshipconcert.com"] [uri "/.env"] [unique_id "aSa7_eubH2-85UyR5jVOyQAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:05:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:05:41.796654 2025] [security2:error] [pid 17988:tid 17988] [client 216.26.224.225:38375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.uphillfarmvt.com"] [uri "/.svn/wc.db"] [unique_id "aSaYtcTzWg47uUu3PRYBcQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:36:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:35:57.596409 2025] [security2:error] [pid 18836:tid 18836] [client 216.26.224.225:39615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beachweddingaccessories.com"] [uri "/.git/HEAD"] [unique_id "aSQY7UiYDDRm2N_YcWXASAAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 07:57:32 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:06:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.224.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:06:51.930627 2025] [security2:error] [pid 20704:tid 20704] [client 216.26.224.225:10685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "devjs.ianmagarzo.com"] [uri "/.git/HEAD"] [unique_id "aSPZ28ckHQ-DVcwh03GtZQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 16:34:44 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 17:41:09 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:47:54	Port Scan Brute-Force Exploited Host Web App Attack
🇨🇭 backslash	2025-10-16 21:40:25 (7 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 89.21.67.150

🇷🇴 2.57.121.112

🇯🇴 176.29.56.213

🇺🇸 158.62.221.185

🇺🇸 107.167.34.125

🇲🇲 103.59.163.133

🇸🇬 85.203.21.51

🇻🇳 14.225.7.70

🇷🇺 5.3.146.57

🇷🇴 2.57.122.177

🇨🇭 195.177.93.121

🇵🇱 194.180.49.218

🇲🇽 186.96.145.241

🇧🇷 179.42.57.149

🇮🇹 149.22.91.165

🇨🇳 129.204.203.60

🇨🇳 119.96.193.72

🇰🇷 113.131.243.22

🇳🇱 104.248.202.187

🇫🇷 85.204.70.104