JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.228.26

216.26.228.26 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.228.26

Whois 216.26.228.26

IP Abuse Reports for 216.26.228.26:

This IP address has been reported a total of 29 times from 13 distinct sources. 216.26.228.26 was first reported on September 29th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 06:00:41 (3 weeks ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-05-15 12:19:01 (3 weeks ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 cyfordtechnologies.com	2026-05-01 05:28:13 (1 month ago)	High-abuse ASN prefix: 216.26. : Reported by Cyford API	Web App Attack
🇺🇸 cyfordtechnologies.com	2026-03-22 00:29:11 (2 months ago)	High-abuse ASN prefix: 216.26. : Reported by Cyford API	Web App Attack
Anonymous	2026-01-29 09:20:51 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 10:16:39 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇬🇧 relianoid.com	2026-01-25 03:16:50 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-01-21 13:00:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:00:15.320259 2026] [security2:error] [pid 14023:tid 14023] [client 216.26.228.26:34023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdub.com"] [uri "/.svn/wc.db"] [unique_id "aXDN3wD4k3mEmaIMsEuX4gAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-20 23:56:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 18:55:55.334970 2026] [security2:error] [pid 9068:tid 9068] [client 216.26.228.26:48983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "footballxp.com"] [uri "/.svn/wc.db"] [unique_id "aXAWCwX14uJHHlJU0AKvoAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-20 21:48:36 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-20 21:04:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 16:04:32.848027 2026] [security2:error] [pid 2042:tid 2042] [client 216.26.228.26:15015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "essav.net"] [uri "/.env"] [unique_id "aW_t4K9Qb-SNzoHgEsdu9wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-04 14:08:22 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 06:09:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:09:27.950716 2025] [security2:error] [pid 31175:tid 31175] [client 216.26.228.26:57427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hkaida.com"] [uri "/.git/HEAD"] [unique_id "aSVIF0QnQkDeUy6xLjEwWAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:03:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:03:21.862124 2025] [security2:error] [pid 9611:tid 9611] [client 216.26.228.26:10843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.deborahbein.com"] [uri "/.env"] [unique_id "aSUceYkaBciVdcju28lR1wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:33:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.228.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:33:29.033204 2025] [security2:error] [pid 679481:tid 679481] [client 216.26.228.26:13651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.gayarab.com"] [uri "/.env"] [unique_id "aSUVeYLWVY1ws-6OhGMUZAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 71.206.190.209

🇸🇬 47.84.138.13

🇺🇸 34.228.104.231

🇳🇱 5.83.143.97

🇧🇷 205.210.31.216

🇺🇸 205.210.31.54

🇩🇪 193.124.20.248

🇪🇨 190.11.247.6

🇭🇺 185.203.186.76

🇨🇱 181.173.242.27

🇺🇸 172.184.204.101

🇭🇰 162.158.178.226

🇩🇪 69.5.169.190

🇹🇼 60.199.224.2

🇺🇸 18.119.209.50

🇨🇦 15.235.96.71

🇳🇱 5.83.143.130

🇳🇱 5.83.143.113

🇺🇸 216.25.89.116

🇵🇾 143.255.140.220