JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.227.239

216.26.227.239 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.227.239

Whois 216.26.227.239

IP Abuse Reports for 216.26.227.239:

This IP address has been reported a total of 17 times from 7 distinct sources. 216.26.227.239 was first reported on September 28th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2025-12-23 18:25:20 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇦🇺 MAGIC	2025-12-18 03:01:56 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-06 10:47:13 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 21:42:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:42:32.716401 2025] [security2:error] [pid 1373:tid 1373] [client 216.26.227.239:34159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dmasoftlab.com"] [uri "/.env"] [unique_id "aSd0SNX_AzNdb5_4rUTiMgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:59:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:59:08.171389 2025] [security2:error] [pid 16878:tid 16878] [client 216.26.227.239:41861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rums-of-the-world.com"] [uri "/.git/HEAD"] [unique_id "aSQeXPAh8wgcZRCxR5eaMgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:41:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:41:38.365695 2025] [security2:error] [pid 26169:tid 26169] [client 216.26.227.239:57523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kikisfriends.com"] [uri "/.env"] [unique_id "aSQMMhcm9MdBnj3Ox84ltAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:00:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:00:48.798421 2025] [security2:error] [pid 16648:tid 16648] [client 216.26.227.239:47391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jdeloa.com"] [uri "/.env"] [unique_id "aSQCoN16w2pj9zuP4QMmfwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:45:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:45:00.439083 2025] [security2:error] [pid 7885:tid 7885] [client 216.26.227.239:53301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.superstargambling.com"] [uri "/.env"] [unique_id "aSP-7HtjiSlpSAWV6Fls9gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:57:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:57:32.419203 2025] [security2:error] [pid 11978:tid 11978] [client 216.26.227.239:21677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.willowcreekretreathouse.com"] [uri "/.git/HEAD"] [unique_id "aSPzzChbHtqB3daouEzX4gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:47:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:46:51.020743 2025] [security2:error] [pid 23975:tid 23975] [client 216.26.227.239:19345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.appsdips.com"] [uri "/.env"] [unique_id "aSPjO_0o6qTiNXIsBAT5XgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:02:38 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2025-10-25 08:13:59 (7 months ago)	Brute Force	Brute-Force SSH
Anonymous	2025-10-06 18:39:37 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.06 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-03 14:51:36 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.03 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.03 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-02 01:45:32 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.02 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.02 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.61

🇮🇷 185.95.180.2

🇧🇼 168.167.72.132

🇷🇴 162.249.125.150

🇯🇵 211.15.17.4

🇺🇸 138.197.97.170

🇷🇺 109.111.175.210

🇮🇳 103.127.30.137

🇳🇱 45.148.10.183

🇭🇰 38.76.171.153

🇮🇳 139.59.83.32

🇵🇰 119.156.28.157

🇭🇰 182.239.74.10

🇨🇳 175.1.28.103

🇺🇸 156.232.13.161

🇸🇬 148.66.142.9

🇺🇸 107.170.247.81

🇭🇰 103.230.240.59

🇳🇱 45.148.10.240

🇮🇳 45.123.217.22