JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.231.78

216.26.231.78 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.231.78

Whois 216.26.231.78

IP Abuse Reports for 216.26.231.78:

This IP address has been reported a total of 24 times from 17 distinct sources. 216.26.231.78 was first reported on September 28th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-23 02:00:07 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-00.216.26.231.78.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-00.216.26.231.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-21 04:56:53 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-56.216.26.231.78.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-56.216.26.231.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-16 08:00:20 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-00.216.26.231.78.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-00.216.26.231.78.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 IVski	2026-05-13 14:09:35 (3 weeks ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇨🇭 backslash	2025-12-23 01:25:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 mrcrassi	2025-12-17 14:26:52 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-03 19:43:10 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-28 19:12:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 14:12:11.276897 2025] [security2:error] [pid 3315424:tid 3315431] [client 216.26.231.78:9595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafminstitute.com"] [uri "/.env"] [unique_id "aSn0C9EPeXoM8C_lHxwUTQAAAYE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 16:18:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 11:18:51.028045 2025] [security2:error] [pid 24418:tid 24538] [client 216.26.231.78:34987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "104ventures.com"] [uri "/.env.development"] [unique_id "aSnLazjT-9cHBgepQnEqrwAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:34:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:34:34.364439 2025] [security2:error] [pid 16420:tid 16420] [client 216.26.231.78:37413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazeconsultants.org"] [uri "/.env.production"] [unique_id "aSmk6g1YSiCOyylEHXWi3gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-11-28 11:17:47 (6 months ago)	Blocking for trying to access an exploit file: /config.php	Hacking
🇺🇸 TPI-Abuse	2025-11-24 04:59:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.231.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:16.485370 2025] [security2:error] [pid 18377:tid 18377] [client 216.26.231.78:12749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lusocleaningservice.com"] [uri "/.git/HEAD"] [unique_id "aSPmJKRTwZTjIPidpHm2UwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 20:34:53 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-02 19:39:52 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:58:30	Port Scan Brute-Force Exploited Host Web App Attack
🇳🇱 i-turnradio.nl	2025-11-02 17:22:43 (7 months ago)	2025-11-02 @ 18:22:43 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:f806:14::

🇨🇳 171.114.224.168

🇮🇳 125.20.251.70

🇺🇸 66.132.172.242

🇺🇸 34.194.233.48

🇩🇪 2.27.36.23

🇻🇳 160.30.160.204

🇺🇸 63.42.245.167

🇭🇰 47.86.171.75

🇸🇬 45.114.189.9

🇺🇸 20.127.187.7

🇺🇸 20.64.105.133

🇳🇱 172.253.82.214

🇺🇸 162.216.149.73

🇺🇸 135.148.217.213

🇻🇳 103.176.20.115

🇮🇳 103.84.236.222

🇫🇷 91.231.89.133

🇷🇺 87.250.224.244

🇳🇱 45.148.10.152