JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.232.81

216.26.232.81 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.232.81

Whois 216.26.232.81

IP Abuse Reports for 216.26.232.81:

This IP address has been reported a total of 17 times from 10 distinct sources. 216.26.232.81 was first reported on April 7th 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 georgengelmann	2026-05-22 04:35:14 (2 weeks ago)	Failed login attempt for root	Brute-Force Web App Attack
🇪🇸 librebit	2026-05-17 04:21:24 (2 weeks ago)	Brute force	Brute-Force
🇧🇪 voormedia	2026-03-05 16:11:01 (3 months ago)	Accessed trap at '/.env'	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:36:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:36:10.690721 2025] [security2:error] [pid 1971:tid 1971] [client 216.26.232.81:38929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ehrlichmedia.com"] [uri "/.git/HEAD"] [unique_id "aSbYGt9aSyHWpT8qSxy3xwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 05:21:29 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:59:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:59:45.075603 2025] [security2:error] [pid 3365543:tid 3365656] [client 216.26.232.81:23185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pilargarciamanzanares.com"] [uri "/.git/HEAD"] [unique_id "aSZtIWzJ-U6IElkF6xOD0gAAAcc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:56:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:56:37.484110 2025] [security2:error] [pid 8375:tid 8375] [client 216.26.232.81:55869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.timezonespro.com"] [uri "/.git/HEAD"] [unique_id "aSZQRSERyeiaCSJOhemaGwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:57:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:56:59.334558 2025] [security2:error] [pid 965:tid 965] [client 216.26.232.81:30751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.southsideaccountingservices.com"] [uri "/.svn/wc.db"] [unique_id "aSUpC26mRuR8KOO8V_cdVQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.232.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:21.064338 2025] [security2:error] [pid 675984:tid 675984] [client 216.26.232.81:22473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynthiabaxter.com"] [uri "/.env"] [unique_id "aSUU-aouIGtGvFo_26zC1AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:44:24 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 02:50:00 (7 months ago)	Unauthorized connection attempt	Brute-Force
🇨🇦 wil.com	2025-10-17 02:34:11 (7 months ago)	GlobalProtect login attempts with user gruppioa.	VPN IP Brute-Force
Anonymous	2025-10-08 09:10:15 (7 months ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.08 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-05 06:51:46 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-04 02:54:18 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.57.229.59

🇳🇱 195.242.118.126

🇬🇧 193.163.125.147

🇳🇱 176.65.149.203

🇨🇳 112.6.227.209

🇳🇱 89.125.56.145

🇬🇧 81.107.97.205

🇧🇷 43.135.216.191

🇫🇮 31.134.15.230

🇺🇸 216.218.206.117

🇳🇱 89.21.67.188

🇩🇪 68.183.212.68

🇸🇬 43.160.249.143

🇬🇧 35.203.211.107

🇻🇳 14.169.208.17

🇹🇷 212.16.87.65

🇸🇬 194.5.82.69

🇺🇸 162.216.149.50

🇭🇰 124.156.129.246

🇭🇰 112.120.171.95