JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.229.90

216.26.229.90 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.229.90

Whois 216.26.229.90

IP Abuse Reports for 216.26.229.90:

This IP address has been reported a total of 24 times from 12 distinct sources. 216.26.229.90 was first reported on September 28th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-12 04:22:46 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇮 inlink.ltd	2026-05-27 19:08:34 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇪🇸 librebit	2026-05-17 05:16:30 (4 weeks ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-13 23:18:42 (1 month ago)	Brute force	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇪 voormedia	2026-03-05 16:09:04 (3 months ago)	Accessed trap at '/.aws/credentials'	Web App Attack
🇳🇱 ParaBug	2026-02-10 15:33:06 (4 months ago)	216.26.229.90 - - [10/Feb/2026:16:33:06 +0100] "GET /new/.git/config HTTP/1.1" 301 3366 "-" "Mozilla ... show more 216.26.229.90 - - [10/Feb/2026:16:33:06 +0100] "GET /new/.git/config HTTP/1.1" 301 3366 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:50:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:50:54.162057 2025] [security2:error] [pid 27555:tid 27555] [client 216.26.229.90:34083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingmountainsbrewing.com"] [uri "/.svn/wc.db"] [unique_id "aVCbDm0_LZalSdAKNlgnSAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 00:18:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:18:02.622569 2025] [security2:error] [pid 2510:tid 2510] [client 216.26.229.90:45647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owenmail.com"] [uri "/.env"] [unique_id "aVB3OjT9g3hJMi8kfnQdcgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2025-12-27 23:40:52 (5 months ago)	/.aws/credentials	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:10:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:10:48.231945 2025] [security2:error] [pid 18203:tid 18203] [client 216.26.229.90:46605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schmeagle.com"] [uri "/.svn/wc.db"] [unique_id "aVBneMgrzxE0spCe-0VQZAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:46:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:46:01.144070 2025] [security2:error] [pid 6910:tid 6910] [client 216.26.229.90:21961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totho.com"] [uri "/.git/HEAD"] [unique_id "aVBFiU_vZNqIh6dPWBr3qAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:48 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-24 11:47:36 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-11-24 06:47:31 (6 months ago)	Probing to gain illegal access	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.6

🇺🇸 146.88.241.57

🇮🇳 103.216.88.114

🇳🇱 91.92.40.5

🇮🇳 59.180.150.214

🇵🇱 46.203.202.230

🇸🇬 43.160.214.25

🇬🇧 23.161.169.113

🇸🇬 8.219.1.152

🇺🇸 207.174.3.248

🇨🇴 181.129.41.162

🇨🇳 180.76.244.13

🇺🇸 172.178.16.179

🇨🇳 124.222.153.120

🇬🇧 87.106.44.172

🇺🇸 207.174.1.230

🇹🇭 203.154.158.195

🇮🇩 163.7.11.155

🇭🇰 114.111.53.214

🇺🇸 104.23.7.12