JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.230.222

216.26.230.222 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.230.222

Whois 216.26.230.222

IP Abuse Reports for 216.26.230.222:

This IP address has been reported a total of 24 times from 15 distinct sources. 216.26.230.222 was first reported on September 26th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 securejdprop	2026-06-23 03:34:06 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 65). Ip 216.26.230.222 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-23 03:34:04.527822946 +0000 UTC show less	Hacking Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 Site.eu	2026-03-22 19:57:00 (3 months ago)	Excessive 404/403 errors	Brute-Force
🇨🇦 ISPLtd	2026-03-04 16:42:48 (3 months ago)	Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config ... show more Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config or .env. Does not honour robots.txt. show less	Hacking Web App Attack Bad Web Bot
Anonymous	2026-03-02 00:08:04 (3 months ago)	Forum/form spam	Web Spam
🇩🇪 F242	2026-01-30 05:27:27 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇱🇻 garmtech.com	2025-12-04 06:39:41 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-39.216.26.230.222.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-39.216.26.230.222.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 12:12:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:12:21.502815 2025] [security2:error] [pid 16934:tid 16978] [client 216.26.230.222:48587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beltaginihotels.ep-dh.com"] [uri "/.git/HEAD"] [unique_id "aSbupRKESCEx-WKRVnuSDAAAAY4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:52:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:52:12.024765 2025] [security2:error] [pid 13471:tid 13471] [client 216.26.230.222:28775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blockadegc.weyoungrenovations.com"] [uri "/.env"] [unique_id "aSaVjG2624JIduSwgGFbkAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:21:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:21:20.549905 2025] [security2:error] [pid 4768:tid 4768] [client 216.26.230.222:44249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.moellerlaw.com"] [uri "/.svn/wc.db"] [unique_id "aSaOUG9NxXrVPB_C2IRqCgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:12:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:12:11.767801 2025] [security2:error] [pid 10506:tid 10506] [client 216.26.230.222:33599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tylercomputing.soviaenterprises.com"] [uri "/.svn/wc.db"] [unique_id "aSZT6_2idGEXFIr1I1UBRQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 sid3windr	2025-11-26 00:47:06 (7 months ago)	GET /.svn/wc.db (Tarpitted for 2m10s, wasted 7.73kB)	Web App Attack
Anonymous	2025-11-14 01:21:17 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 octageeks.com	2025-11-13 05:08:51 (7 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
Anonymous	2025-11-02 18:30:02 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:26:17	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.140

🇳🇱 176.65.139.36

🇦🇺 91.124.88.26

🇬🇧 216.226.76.10

🇺🇸 193.19.109.229

🇸🇬 188.166.183.133

🇮🇩 180.245.132.41

🇳🇱 162.249.56.207

🇺🇸 162.216.150.45

🇨🇳 113.221.12.102

🇺🇸 104.243.35.104

🇭🇰 101.32.184.238

🇳🇱 52.174.67.71

🇬🇧 35.203.211.106

🇬🇧 35.203.210.236

🇺🇸 34.10.216.64

🇻🇳 14.225.7.70

🇭🇰 223.197.178.95

🇺🇸 208.157.188.161

🇱🇹 194.165.16.161