JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.231.197

216.26.231.197 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.231.197

Whois 216.26.231.197

IP Abuse Reports for 216.26.231.197:

This IP address has been reported a total of 26 times from 13 distinct sources. 216.26.231.197 was first reported on September 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-13 12:34:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:34:05.762715 2026] [security2:error] [pid 4417:tid 4417] [client 216.26.231.197:18025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ficciones.com"] [uri "/.env"] [unique_id "aWY7vbfiHOGaUNNNgIxJugAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-01-07 17:03:40 (5 months ago)	(mod_security-custom) mod_security (id:210492) triggered by 216.26.231.197 (US/United States/Virgini ... show more (mod_security-custom) mod_security (id:210492) triggered by 216.26.231.197 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 3600 secs (0-srv1) show less	Hacking
🇬🇧 Swiptly	2026-01-07 13:59:37 (5 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:44:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:44:14.504056 2025] [security2:error] [pid 2464632:tid 2464652] [client 216.26.231.197:59297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yakamengen.com"] [uri "/.svn/wc.db"] [unique_id "aVIHHn4EH3PHvGUNxw-O-wAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 19:35:58 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:48 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 12:16:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:15:55.107907 2025] [security2:error] [pid 10474:tid 10474] [client 216.26.231.197:18437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.debhill.com"] [uri "/.git/HEAD"] [unique_id "aSbvezV9EgNITj7ySWHANgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:32:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:32:17.289588 2025] [security2:error] [pid 28346:tid 28346] [client 216.26.231.197:32343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.towida.com"] [uri "/.git/HEAD"] [unique_id "aSaQ4SYfx9MIOAKuczYjlQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2025-11-26 05:22:11 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:25:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:25:30.912592 2025] [security2:error] [pid 31173:tid 31173] [client 216.26.231.197:36341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tinkerlabyrinth.com"] [uri "/.svn/wc.db"] [unique_id "aSZlGjT8hDIf-lLCofDtQwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:10:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:10:13.357055 2025] [security2:error] [pid 17031:tid 17031] [client 216.26.231.197:16505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.studio716.info"] [uri "/.env"] [unique_id "aSZFZQCdXbTklLm68ByjGQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:56:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:56:20.463143 2025] [security2:error] [pid 27791:tid 27791] [client 216.26.231.197:11047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bilimkurgumanyagi.com"] [uri "/.svn/wc.db"] [unique_id "aSQrxEgyVcU7cJgpLs8OAwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:19:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:19:37.570006 2025] [security2:error] [pid 29941:tid 29941] [client 216.26.231.197:29615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thefitzgeralds.org"] [uri "/.svn/wc.db"] [unique_id "aSQVGZkO5cO7jU06LvaTogAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-16 14:17:51 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 103.57.224.219

🇧🇪 198.235.24.243

🇸🇬 172.253.84.213

🇳🇬 165.154.11.202

🇨🇳 60.12.106.119

🇺🇸 20.172.67.176

🇨🇳 14.116.156.100

🇺🇸 2602:80d:1007::3e

🇨🇳 223.89.192.37

🇳🇴 185.12.59.118

🇧🇷 179.83.134.101

🇺🇸 103.143.11.150

🇨🇦 51.222.110.246

🇳🇱 45.156.87.10

🇳🇱 45.148.10.240

🇨🇳 220.160.32.79

🇨🇳 218.13.26.42

🇩🇪 202.71.141.170

🇲🇽 187.189.248.25

🇳🇱 91.92.40.124