JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.229.107

216.26.229.107 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.229.107

Whois 216.26.229.107

IP Abuse Reports for 216.26.229.107:

This IP address has been reported a total of 32 times from 20 distinct sources. 216.26.229.107 was first reported on September 27th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-16 02:58:00 (11 hours ago)	(y4) Failed scan -byebye- from 216.26.229.107 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 london2038.com	2026-06-16 01:17:45 (12 hours ago)	Attacking WordPress 216.26.229.107 - - [16/Jun/2026:03:17:41 +0200] "POST /wp-login.php HTTP/1.1" 50 ... show more Attacking WordPress 216.26.229.107 - - [16/Jun/2026:03:17:41 +0200] "POST /wp-login.php HTTP/1.1" 503 19309 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0" show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-06-13 20:49:18 (2 days ago)	[Sat Jun 13 22:49:17.830381 2026] [php7:error] [pid 3494835:tid 3494835] [client 216.26.229.107:4692 ... show more [Sat Jun 13 22:49:17.830381 2026] [php7:error] [pid 3494835:tid 3494835] [client 216.26.229.107:46929] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://blog.solution.it/wp-login.php show less	Web App Attack
🇲🇽 octageeks.com	2026-06-11 04:12:49 (5 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇪🇸 librebit	2026-05-17 04:04:27 (4 weeks ago)	Brute force	Brute-Force
🇺🇸 LSPCCU	2026-05-09 23:07:34 (1 month ago)	TSEC Honeypot Network report. Threat score: 73/100. Categories: Hacking. Honeypot: ssh-telnet, cowri ... show more TSEC Honeypot Network report. Threat score: 73/100. Categories: Hacking. Honeypot: ssh-telnet, cowrie. Context: IP observed in Suricata network metadata. show less	Hacking
🇨🇦 ISPLtd	2026-02-27 01:45:45 (3 months ago)	Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config ... show more Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config or .env. Does not honour robots.txt. show less	Hacking Web App Attack Bad Web Bot
🇮🇩 Burayot	2026-02-13 06:00:58 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.229.107 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.229.107 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-02-12 16:01:21 (4 months ago)	"GET /app/.env HTTP/1.1"	Hacking Web App Attack
🇩🇪 ps-center	2026-02-12 07:36:05 (4 months ago)	C1: Web Attack GET /wp/.git/config	Web Spam Hacking Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-02-09 09:46:39 (4 months ago)	GET /.env.staging HTTP/1.1	Web App Attack
Anonymous	2025-12-07 05:19:59 (6 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-02 22:36:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:36:07.362484 2025] [security2:error] [pid 27115:tid 27115] [client 216.26.229.107:23361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aangfl.com"] [uri "/.git/HEAD"] [unique_id "aS9p14b7SL__SsLf3tB0SwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:33:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:33:23.920626 2025] [security2:error] [pid 29024:tid 29024] [client 216.26.229.107:17163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arteseros.com"] [uri "/.git/HEAD"] [unique_id "aS8_A_-pOWKU8bHbef3dzAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:18:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:18:31.802785 2025] [security2:error] [pid 19117:tid 19117] [client 216.26.229.107:55037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nessmonsters.com"] [uri "/.svn/wc.db"] [unique_id "aS8DR5UOg3GwUWPWQZTK1wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2600:1900:4120:e3fb:0:7e::

🇰🇿 185.233.3.95

🇺🇸 173.234.227.6

🇮🇩 163.7.11.155

🇺🇸 157.245.0.54

🇩🇪 103.14.32.224

🇧🇬 95.42.54.132

🇳🇱 91.92.40.13

🇳🇱 91.92.40.10

🇷🇴 80.94.92.177

🇺🇸 65.49.1.152

🇸🇬 43.156.239.194

🇺🇸 20.64.106.19

🇺🇸 216.218.206.97

🇨🇳 180.102.110.150

🇭🇰 151.243.38.65

🇰🇷 140.238.10.203

🇬🇧 138.68.128.149

🇰🇷 121.141.243.81

🇨🇳 115.224.35.139