JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.228.243

216.26.228.243 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.228.243

Whois 216.26.228.243

IP Abuse Reports for 216.26.228.243:

This IP address has been reported a total of 42 times from 14 distinct sources. 216.26.228.243 was first reported on September 26th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 volcaryx	2026-05-25 12:02:29 (2 weeks ago)	Cloudflare detected an L7 DDoS attack (l7ddos) from US. Action: BLOCK \| Protocol: HTTP/2 (GET) \| End ... show more Cloudflare detected an L7 DDoS attack (l7ddos) from US. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇨🇦 leithzz	2026-05-25 11:49:40 (2 weeks ago)	Report by Cloudflare.Time: 2026-05-25T11:49:07Z	DDoS Attack
🇳🇱 MatStef132	2026-05-19 21:05:47 (3 weeks ago)	MatShield L7: blocked on anonymous (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-19 20:55:41 (3 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 03:54:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 22:53:57.712853 2026] [security2:error] [pid 26646:tid 26646] [client 216.26.228.243:17349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.puppetbookshop.com"] [uri "/.env"] [unique_id "aWsH1WFcsJBYmE-mGj2LhwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 06:35:15 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇦🇺 MAGIC	2025-12-24 05:06:39 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:49 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇷🇸 Smel	2025-11-27 00:37:14 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 17:23:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 12:22:55.108909 2025] [security2:error] [pid 30625:tid 30625] [client 216.26.228.243:33521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.coolcustomproducts.com"] [uri "/.svn/wc.db"] [unique_id "aSc3b4tvH_UPdWFyHSHMGAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:10:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:10:27.026458 2025] [security2:error] [pid 10285:tid 10285] [client 216.26.228.243:55771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ismycorporationsafe.com"] [uri "/.git/HEAD"] [unique_id "aSVWY-mS5hHSo2-M-ve75QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:33:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:33:07.765423 2025] [security2:error] [pid 27143:tid 27143] [client 216.26.228.243:29617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "porterpromo.dance4ovations.com"] [uri "/.git/HEAD"] [unique_id "aSVNo0QcRqGNjCQF09BdxAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:14:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:14:39.119238 2025] [security2:error] [pid 27552:tid 27552] [client 216.26.228.243:13953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.oceanrich.biz"] [uri "/.git/HEAD"] [unique_id "aSVJT5Vfwy3HkmK8JdkClwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:03:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:03:51.331978 2025] [security2:error] [pid 831301:tid 831301] [client 216.26.228.243:49003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sternscape.com"] [uri "/.env"] [unique_id "aSU4t6S-2qcKDDjcZlgNhAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.127.104

🇳🇱 213.176.16.100

🇺🇸 205.210.31.49

🇺🇸 205.210.31.45

🇺🇸 203.88.119.100

🇩🇪 194.88.98.100

🇲🇽 187.230.115.212

🇮🇳 182.78.87.2

🇺🇸 172.172.131.149

🇺🇸 172.105.147.138

🇺🇸 165.154.163.215

🇮🇩 157.66.128.172

🇫🇷 143.244.57.90

🇮🇳 125.16.27.190

🇨🇳 119.41.148.245

🇹🇭 118.193.56.235

🇮🇳 116.72.2.83

🇨🇳 111.26.62.39

🇮🇳 103.164.246.214

🇩🇪 94.16.17.139