JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.225.196

216.26.225.196 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.225.196

Whois 216.26.225.196

IP Abuse Reports for 216.26.225.196:

This IP address has been reported a total of 37 times from 16 distinct sources. 216.26.225.196 was first reported on September 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-04-22 00:03:53 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 mnsf	2026-03-27 03:06:47 (2 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇩🇪 kivitendo.de	2026-03-27 02:24:31 (2 months ago)	[Fri Mar 27 03:24:39.096742 2026] [access_compat:error] [pid 185798:tid 185806] [client 216.26.225.1 ... show more [Fri Mar 27 03:24:39.096742 2026] [access_compat:error] [pid 185798:tid 185806] [client 216.26.225.196:27221] AH01797: client denied by server configuration: /var/www/kivitendo-erp/config/.env [Fri Mar 27 03:24:39.193641 2026] [access_compat:error] [pid 185798:tid 185816] [client 216.26.225.196:27221] AH01797: client denied by server configuration: /var/www/kivitendo-erp/.git/config ... show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-03-27 01:52:08 (2 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 iNetWorker	2026-01-21 11:12:11 (4 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 myagent.site	2026-01-20 21:42:51 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:48 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-13 22:46:26 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 22:18:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:18:07.072282 2025] [security2:error] [pid 31494:tid 31494] [client 216.26.225.196:56823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mantality.com"] [uri "/.git/HEAD"] [unique_id "aS9lnyyCmdODFvj6xbuVHQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:31:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:31:27.781183 2025] [security2:error] [pid 24560:tid 24560] [client 216.26.225.196:45459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "btsalesrep.com"] [uri "/.svn/wc.db"] [unique_id "aS9Mn3W9Cyt7XZcJnmJNbwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:12:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:12:18.189414 2025] [security2:error] [pid 19935:tid 19935] [client 216.26.225.196:16031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertmcatee.com"] [uri "/.svn/wc.db"] [unique_id "aS86Ekaiups-bM3su9FZPAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:37:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:37:56.320237 2025] [security2:error] [pid 9041:tid 9041] [client 216.26.225.196:51047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brentsagnotti.com"] [uri "/.git/HEAD"] [unique_id "aS8yBLxVFCTvyOGOANQjvQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-02 06:36:14 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-02 04:15:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:15:06.075779 2025] [security2:error] [pid 14956:tid 15000] [client 216.26.225.196:37937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omegaoak.com"] [uri "/.git/HEAD"] [unique_id "aS5nylbve-zJwfI7DO8G9AAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:42:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:42:14.402305 2025] [security2:error] [pid 2489865:tid 2489865] [client 216.26.225.196:15945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thebradleyclinic.com"] [uri "/.env"] [unique_id "aSahRhfJfWrUw11hTp9x1gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 203.83.186.62

🇺🇸 192.241.141.178

🇨🇳 180.76.240.235

🇩🇪 167.94.145.30

🇫🇮 147.185.133.61

🇮🇳 68.233.116.124

🇷🇴 2.57.121.25

🇿🇼 2605:59c0:679a:5710:5507:ff01:b165:a9ab

🇩🇪 213.209.159.227

🇺🇸 156.229.163.164

🇩🇿 41.111.178.165

🇯🇵 8.216.4.143

🇮🇷 5.219.230.210

🇺🇸 3.142.170.60

🇷🇴 2.57.122.238

🇷🇴 2.57.121.112

🇳🇱 195.178.110.30

🇨🇳 106.227.33.165

🇮🇳 106.201.80.104

🇵🇹 87.103.126.54