JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.225.173

216.26.225.173 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.225.173

Whois 216.26.225.173

IP Abuse Reports for 216.26.225.173:

This IP address has been reported a total of 26 times from 15 distinct sources. 216.26.225.173 was first reported on September 28th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-05-15 22:00:34 (3 weeks ago)	wp-login attack [15/May/2026:20:53:04	Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-13 05:09:52 (3 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-06 19:11:34 (4 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 10dencehispahard SL	2026-02-11 06:37:31 (3 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-21 15:36:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 10:35:56.971479 2026] [security2:error] [pid 5166:tid 5166] [client 216.26.225.173:54243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web-dojo.info"] [uri "/.svn/wc.db"] [unique_id "aXDyXEM7lKLd1zeyA-j8hwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 14:10:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 09:10:03.518330 2026] [security2:error] [pid 1724577:tid 1724600] [client 216.26.225.173:32281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inal.org"] [uri "/.git/HEAD"] [unique_id "aXDeO4ijgBTAZ2Aj_d7VdQAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-01-21 01:33:10 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /.env Timestamp: 2026-01-21T00:43:28Z Ray ID: 9c12c710d8108d9b UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0 show less	Bad Web Bot
🇺🇸 myagent.site	2026-01-20 21:48:12 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇮🇹 VHosting	2025-12-23 12:00:30 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-13 04:12:17 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 09:04:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:04:38.097105 2025] [security2:error] [pid 4050:tid 4050] [client 216.26.225.173:55749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mathiasaspelin.com"] [uri "/.env"] [unique_id "aSQfptQDxjdKzXP6dyAtLwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:03:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:03:03.564574 2025] [security2:error] [pid 24530:tid 24530] [client 216.26.225.173:34241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thoughtage.com"] [uri "/.git/HEAD"] [unique_id "aSQDJxWh6BmWJe4rroxQ1gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:47:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:47:35.006884 2025] [security2:error] [pid 20735:tid 20735] [client 216.26.225.173:47013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kevinlaliberte.com"] [uri "/.svn/wc.db"] [unique_id "aSP_h5DvG2tFXZpcm4NR0AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:48.191405 2025] [security2:error] [pid 2122:tid 2137] [client 216.26.225.173:27607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.wirefactor.com"] [uri "/.git/HEAD"] [unique_id "aSPf8KMJlOuJ2GtNorV5BwAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 18:23:43 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:49:48	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.219

🇧🇷 200.165.70.141

🇭🇺 195.199.210.194

🇳🇱 195.178.110.30

🇸🇪 185.132.127.69

🇨🇳 124.193.81.23

🇨🇳 120.85.112.154

🇺🇸 98.159.37.29

🇫🇷 92.103.134.183

🇺🇸 66.132.172.16

🇲🇦 196.127.2.169

🇨🇱 186.174.45.219

🇺🇸 162.216.150.218

🇺🇸 128.203.204.215

🇨🇳 122.224.205.42

🇨🇳 118.212.121.89

🇧🇪 104.155.11.101

🇺🇸 66.132.172.147

🇦🇺 58.6.206.239

🇳🇱 45.148.10.147