JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.231.21

216.26.231.21 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.231.21

Whois 216.26.231.21

IP Abuse Reports for 216.26.231.21:

This IP address has been reported a total of 24 times from 14 distinct sources. 216.26.231.21 was first reported on September 28th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BlueWire Hosting	2026-02-15 12:17:48 (3 months ago)	Probing websites for vulnerabilities	Web App Attack
🇮🇩 Burayot	2026-02-15 12:13:38 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.231.21 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.231.21 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-02-15 01:30:03 (3 months ago)	Bot / scanning and/or hacking attempts: GET /new/.git/config HTTP/1.1, GET /.git/config HTTP/1.1, GE ... show more Bot / scanning and/or hacking attempts: GET /new/.git/config HTTP/1.1, GET /.git/config HTTP/1.1, GET /app/.git/config HTTP/1.1, GET /admin/.git/config HTTP/1.1, GET /site/.git/config HTTP/1.1, GET /.env.local HTTP/1.1, HEAD / HTTP/1.1, GET /.env.save HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-14 22:05:36 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-14 21:18:32 (3 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 ne1for23	2026-02-09 23:14:35 (3 months ago)	Attempting to probe for sensitive information accidently exposed via git config. 216.26.231.21 - - ... show more Attempting to probe for sensitive information accidently exposed via git config. 216.26.231.21 - - [09/Feb/2026:23:13:45 +0000] "GET /wp/.git/config HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Hacking
🇮🇹 VHosting	2025-12-24 03:00:14 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-22 16:42:20 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 08:38:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 03:38:44.011842 2025] [security2:error] [pid 20029:tid 20039] [client 216.26.231.21:30429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jawa-lb.org"] [uri "/.svn/wc.db"] [unique_id "aS_3FDeDo_4bewdOuzqiCwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:36:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:35:56.047388 2025] [security2:error] [pid 16281:tid 16281] [client 216.26.231.21:22415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.67ronin.com"] [uri "/.svn/wc.db"] [unique_id "aSaRvDRXmYny3JBpjiWxfQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:21:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:21:41.190822 2025] [security2:error] [pid 17544:tid 17556] [client 216.26.231.21:12645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.livingalegacybulldogges.petsentiments.com"] [uri "/.git/HEAD"] [unique_id "aSZWJbdIsiK1k1jqHcTglgAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:30:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:30:41.703287 2025] [security2:error] [pid 24413:tid 24413] [client 216.26.231.21:54015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.helpkccare.org"] [uri "/.svn/wc.db"] [unique_id "aSQlwWFwT_e0Hvv4zBiScgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:31:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:31:47.837606 2025] [security2:error] [pid 14762:tid 14762] [client 216.26.231.21:46565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nathangoldsteinartist.com"] [uri "/.git/HEAD"] [unique_id "aSQJ493ByVO8euim9TfSKAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 00:10:54 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.33.59.116

🇩🇪 172.217.34.23

🇫🇷 91.231.89.199

🇺🇸 20.168.7.129

🇧🇷 205.210.31.198

🇳🇱 176.65.139.41

🇨🇳 106.13.107.35

🇺🇸 104.250.131.18

🇺🇸 71.6.134.229

🇺🇸 47.254.71.82

🇷🇴 2.57.121.25

🇨🇴 2803:cd60:5102:103:9999::229

🇬🇧 194.50.235.152

🇬🇧 193.32.209.246

🇳🇱 185.246.188.149

🇺🇸 152.32.207.179

🇲🇦 105.154.193.161

🇷🇴 92.118.39.62

🇬🇧 89.37.172.149

🇧🇬 79.124.56.138