JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.226.59

216.26.226.59 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.226.59

Whois 216.26.226.59

IP Abuse Reports for 216.26.226.59:

This IP address has been reported a total of 21 times from 13 distinct sources. 216.26.226.59 was first reported on September 29th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-20 19:33:48 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇫🇮 inlink.ltd	2026-05-18 07:49:11 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇫🇮 000rosiu	2026-02-11 16:09:32 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /app/.env Timestamp: 2026-02-11T16:03:51Z Ray ID: 9cc514285a1d43e2 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:55:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:55:50.042278 2026] [security2:error] [pid 14514:tid 14514] [client 216.26.226.59:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/backup/.git/config"] [unique_id "aYtVBkGlSPC6lJyzNbjGVAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-09 21:15:19 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-01-09 06:20:11 (4 months ago)	216.26.226.59 - - [09/Jan/2026:07:20:10 +0100] "GET /db.sql HTTP/1.1" 403 5014 "-" "Mozilla/5.0 (Win ... show more 216.26.226.59 - - [09/Jan/2026:07:20:10 +0100] "GET /db.sql HTTP/1.1" 403 5014 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇦🇺 MAGIC	2025-12-07 00:07:27 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-01 05:07:07 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 05:46:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:46:41.995219 2025] [security2:error] [pid 8922:tid 8922] [client 216.26.226.59:57199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elfinforest.net"] [uri "/.env"] [unique_id "aSVCwXPmN4v3I6cmO2Uv6AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:26:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:26:07.001064 2025] [security2:error] [pid 29142:tid 29142] [client 216.26.226.59:10443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edfisherco.com"] [uri "/.svn/wc.db"] [unique_id "aSU973azlOjkwKDbXVwuQwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:56:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.226.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:47.164989 2025] [security2:error] [pid 11005:tid 11005] [client 216.26.226.59:17189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "discountbusinessholidaycards.com"] [uri "/.git/HEAD"] [unique_id "aSUow4JJWy1CTXtE5W1vSgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 08:24:28 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-15 01:14:53 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-14 09:11:03 (7 months ago)	GlobalProtect login attempts with user qqn.	VPN IP Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 176.108.224.132

🇻🇳 103.97.135.244

🇦🇷 2803:9800:9093:8bf2:1dc5:2033:6782:1390

🇺🇸 186.243.255.237

🇺🇸 165.245.162.86

🇺🇸 162.241.152.21

🇩🇪 141.11.45.234

🇭🇰 119.28.71.133

🇸🇬 101.47.158.56

🇷🇺 91.215.85.193

🇮🇳 89.117.157.159

🇺🇸 18.209.137.234

🇬🇧 5.226.140.105

🇳🇱 2a02:4780:8:1225:0:342f:4a24:1

🇸🇬 2404:6800:4003:c0f::12a

🇺🇸 134.122.125.153

🇺🇸 130.131.220.95

🇮🇷 85.9.111.160

🇺🇸 66.132.172.148

🇺🇸 52.1.195.155