JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.227.249

216.26.227.249 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.227.249

Whois 216.26.227.249

IP Abuse Reports for 216.26.227.249:

This IP address has been reported a total of 21 times from 11 distinct sources. 216.26.227.249 was first reported on September 28th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-01-30 11:11:16 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇩🇪 bsoft.de	2026-01-20 13:24:11 (4 months ago)	Blocked because of abusive behavior	DDoS Attack
🇵🇱 sefinek.net	2025-12-31 07:21:54 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 ketovoila.pl	2025-12-18 19:07:33 (5 months ago)	ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/wp-content/plugins/ai-engi ... show more ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/wp-content/plugins/ai-engine/app/i18n.js; UA=: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:146.0) Gecko/20100101 Firefox/146.0; window=2025-12-18T18:55:25Z..2025-12-18T18:55:25Z show less	Port Scan Hacking Brute-Force
🇦🇺 MAGIC	2025-12-18 03:20:13 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-11-16 07:02:52 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-11 21:06:28 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-06 19:47:16 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-29 12:40:32 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇮 YF	2025-10-16 18:01:40 (7 months ago)	xmlrpc.php (Potential DDoS or brute force)	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 13:44:51 (7 months ago)	GlobalProtect login attempts with user fabdulfattah.	VPN IP Brute-Force
Anonymous	2025-10-14 03:41:09 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-09 08:52:18 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 216.26.227.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 216.26.227.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 04:52:10.916304 2025] [security2:error] [pid 28844:tid 28844] [client 216.26.227.249:15333] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|192.64.150.140:443\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "192.64.150.140"] [uri "/"] [unique_id "aOd3ujzSzf9bIMQ3Vz9EwwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-06 03:49:28 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-05 13:30:36 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.157

🇺🇸 162.216.149.6

🇺🇸 85.208.96.212

🇳🇱 45.148.10.147

🇩🇪 45.135.195.139

🇺🇸 143.42.1.185

🇳🇱 141.11.62.50

🇮🇳 122.185.146.166

🇨🇦 99.235.200.20

🇳🇱 81.19.216.79

🇺🇸 66.132.186.186

🇳🇱 45.198.224.5

🇳🇱 45.148.10.151

🇨🇦 207.134.141.194

🇨🇳 182.119.56.103

🇺🇸 152.32.233.100

🇯🇵 101.36.104.242

🇸🇬 47.128.49.132

🇳🇱 209.38.102.185

🇺🇸 162.240.109.188