JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.226.235

216.26.226.235 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.226.235

Whois 216.26.226.235

IP Abuse Reports for 216.26.226.235:

This IP address has been reported a total of 39 times from 15 distinct sources. 216.26.226.235 was first reported on September 27th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-13 22:01:04 (4 hours ago)	wp-login attack [13/Jun/2026:03:26:07	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-13 04:32:05 (21 hours ago)	(mod_security) mod_security (id:900001) triggered by 216.26.226.235: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 216.26.226.235: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 07:32:04.732902 2026] [security2:error] [pid 617818:tid 617850] [client 216.26.226.235:54507] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "aizdRLW1jJCSQWbpQzacswAAAEI"], referer: https://mail.asteriassantorini.com/wp-login.php show less	Port Scan
🇫🇷 ELYAZ	2026-06-12 15:01:51 (1 day ago)	(y4) Failed scan -byebye- from 216.26.226.235 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 koinkash.org	2026-06-10 20:10:54 (3 days ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇫🇮 000rosiu	2026-02-11 17:07:01 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /test/.git/config Timestamp: 2026-02-11T17:03:15Z Ray ID: 9cc56b292b40884c UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 VHosting	2025-12-24 01:30:14 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-27 20:36:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:36:34.293434 2025] [security2:error] [pid 4168:tid 4168] [client 216.26.226.235:52321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circleofsound.org"] [uri "/.env"] [unique_id "aSi2Urbbl9m-y17iTeQWMQAAADE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:33:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:33:21.616491 2025] [security2:error] [pid 24911:tid 24911] [client 216.26.226.235:10705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.normsrotorservice.com"] [uri "/.svn/wc.db"] [unique_id "aSbXcR6kAQVAyo6zfXR72gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:02:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:02:03.068047 2025] [security2:error] [pid 728:tid 728] [client 216.26.226.235:30649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.cookingwithjule.com"] [uri "/.svn/wc.db"] [unique_id "aSaJy0utb4QCM7TPExISWAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:27:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:27:26.334932 2025] [security2:error] [pid 9247:tid 9262] [client 216.26.226.235:33959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.juantrece.com"] [uri "/.git/HEAD"] [unique_id "aSZznuefRdxEWUSTWTEY0AAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:22:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:22:44.824065 2025] [security2:error] [pid 12131:tid 12131] [client 216.26.226.235:42665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.theopinionatedowl.com"] [uri "/.env"] [unique_id "aSZWZLibpyTITZ6VIOZlTAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2025-11-26 01:19:17 (6 months ago)	tcp/80 (19 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2025-11-25 02:31:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:12.639987 2025] [security2:error] [pid 13455:tid 13455] [client 216.26.226.235:13551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "micasafrontgate.joepaladino.com"] [uri "/.env"] [unique_id "aSUU8IVgO2A0xBrZxqEKIAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:41:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:41:45.273415 2025] [security2:error] [pid 1635:tid 1635] [client 216.26.226.235:44259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gubbio.montepulciano.org"] [uri "/.svn/wc.db"] [unique_id "aSP-KRXjwK77WPqG9m3elgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 08:03:03 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c76::12d

🇬🇧 193.163.125.192

🇭🇰 165.154.6.75

🇺🇸 65.191.211.33

🇬🇧 31.14.254.2

🇰🇷 211.106.137.135

🇮🇩 202.145.0.18

🇧🇷 189.123.96.25

🇺🇸 154.92.23.249

🇺🇸 147.185.132.171

🇨🇳 113.215.189.170

🇨🇳 113.215.189.164

🇨🇦 85.217.149.55

🇧🇬 78.128.114.102

🇩🇪 69.5.169.91

🇳🇱 45.148.10.157

🇵🇱 34.118.101.47

🇭🇰 34.92.142.57

🇵🇰 223.123.71.118

🇬🇧 217.154.45.93