JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.227.52

216.26.227.52 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.227.52

Whois 216.26.227.52

IP Abuse Reports for 216.26.227.52:

This IP address has been reported a total of 24 times from 12 distinct sources. 216.26.227.52 was first reported on September 28th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-05-21 17:43:34 (3 weeks ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-04-11 10:57:54 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-03-21 14:32:07 (2 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 oncord	2026-03-11 10:06:58 (3 months ago)	Form spam	Web Spam
Anonymous	2026-03-06 02:44:42 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-27 23:46:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:45:55.322263 2025] [security2:error] [pid 8000:tid 8000] [client 216.26.227.52:32747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mywheatgrass.com"] [uri "/.env"] [unique_id "aVBvswenszCFfd2oXlZIqQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:28:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:27:58.406512 2025] [security2:error] [pid 4573:tid 4591] [client 216.26.227.52:12607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boxwoodgarden.com"] [uri "/.svn/wc.db"] [unique_id "aVBrfnM4MRc4Fzor1cWGvQAAAQ4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:53:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:53:21.190199 2025] [security2:error] [pid 21091:tid 21091] [client 216.26.227.52:11829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swampoodlegrounds.com"] [uri "/.svn/wc.db"] [unique_id "aVA5MTbhDLCK7bUvRB0QawAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:02:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:02:09.001313 2025] [security2:error] [pid 495:tid 495] [client 216.26.227.52:33559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalebeyer.com"] [uri "/.git/HEAD"] [unique_id "aVAREXiUs-xI3iWDEl6BJAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:30:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.227.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:30:30.146321 2025] [security2:error] [pid 4959:tid 4959] [client 216.26.227.52:38525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blaslandsporthorses.com"] [uri "/.svn/wc.db"] [unique_id "aVAJpjRDWqMp_zOlg4aPpwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Thaliruth	2025-12-26 16:25:45 (5 months ago)	default:80 216.26.227.52 - - [26/Dec/2025:17:25:45 +0100] "GET /.git/HEAD HTTP/1.0" 403 432 "-" "Moz ... show more default:80 216.26.227.52 - - [26/Dec/2025:17:25:45 +0100] "GET /.git/HEAD HTTP/1.0" 403 432 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 216.26.227.52 - - [26/Dec/2025:17:25:45 +0100] "GET /.git/HEAD HTTP/1.1" 403 268 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
Anonymous	2025-12-26 11:55:05 (5 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:48 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-10-29 02:30:39 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 22:40:34 (7 months ago)	GlobalProtect login attempts with user dmalek.	VPN IP Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.230.171.129

🇳🇱 176.65.139.56

🇺🇸 172.202.9.120

🇦🇹 159.100.25.183

🇸🇬 101.100.194.252

🇺🇸 71.104.69.198

🇫🇮 65.21.155.186

🇮🇳 49.204.29.71

🇳🇱 45.148.10.152

🇮🇳 42.104.210.159

🇸🇦 37.105.219.23

🇲🇾 202.165.29.123

🇮🇳 49.43.91.54

🇧🇷 45.164.251.67

🇫🇷 37.65.162.233

🇬🇧 217.43.52.136

🇩🇪 213.209.159.241

🇿🇦 197.185.140.10

🇨🇳 180.76.234.93

🇻🇳 125.235.229.41