JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.229.68

216.26.229.68 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.229.68

Whois 216.26.229.68

IP Abuse Reports for 216.26.229.68:

This IP address has been reported a total of 23 times from 11 distinct sources. 216.26.229.68 was first reported on September 29th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 MatStef132	2026-05-19 20:59:02 (2 weeks ago)	MatShield L7: blocked on dstat.selify.io (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-19 20:57:53 (2 weeks ago)	MatShield L7: blocked on mathost.eu (click-id-direct-nav)	DDoS Attack
🇫🇷 MatStef132	2026-05-19 20:55:41 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-15 13:30:01 (2 weeks ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] clic	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:59:37 (1 month ago)	Cloudflare WAF: Request Path: /test_456 Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X ... show more Cloudflare WAF: Request Path: /test_456 Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: 3xK Tech GmbH Country: US Method: GET Timestamp: 2026-04-28T15:59:37Z ruleId: 6e3ccc23900c428e8ec0fb8a3a679c52. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇱🇻 garmtech.com	2026-04-14 21:49:46 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-49.216.26.229.68.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-49.216.26.229.68.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Lino Project	2026-04-11 08:52:50 (1 month ago)	216.26.229.68 - - [11/Apr/2026:10:52:50 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https ... show more 216.26.229.68 - - [11/Apr/2026:10:52:50 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cyfordtechnologies.com	2026-03-14 19:40:16 (2 months ago)	High-abuse ASN prefix: 216.26. : Reported by Cyford API	Web App Attack
🇺🇸 oralunal	2026-02-02 22:40:47 (4 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
Anonymous	2025-12-15 01:14:34 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-08 01:19:53 (5 months ago)	(mod_security) mod_security (id:210831) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 20:19:46.152708 2025] [security2:error] [pid 28349:tid 28349] [client 216.26.229.68:16249] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/usage_202512.html"] [unique_id "aTYnsr8LfstDj-YQL8mEMgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:37:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:36:55.363715 2025] [security2:error] [pid 5170:tid 5188] [client 216.26.229.68:49663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrewbelschner.com"] [uri "/.env"] [unique_id "aSP9B-QIVFuTkiCAsDQIPgAAAU8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:27:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:27:11.116647 2025] [security2:error] [pid 31615:tid 31615] [client 216.26.229.68:17115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gamedayincentives.com"] [uri "/.env"] [unique_id "aSPsr9NXxR3aGm0HBEQOggAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:38:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:44.576965 2025] [security2:error] [pid 1514:tid 1514] [client 216.26.229.68:25529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.deannlottmusic.com"] [uri "/.svn/wc.db"] [unique_id "aSPhGO8YkjcbfqCLrmqidwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇺🇸 162.216.149.33

🇮🇩 103.28.222.36

🇸🇬 94.231.206.13

🇷🇴 80.94.95.242

🇬🇧 35.203.211.175

🇻🇳 14.236.0.243

🇻🇳 171.225.194.204

🇫🇷 85.217.140.9

🇨🇳 59.52.177.170

🇹🇭 49.231.192.36

🇧🇪 34.156.68.165

🇻🇳 2405:4800:5714:2440:9589:27ce:c083:f823

🇪🇸 212.231.190.106

🇺🇸 199.195.254.215

🇲🇽 189.167.218.107

🇺🇸 176.110.217.173

🇳🇱 176.65.139.217

🇺🇸 162.241.33.130

🇪🇸 162.158.120.141