JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.233.21

216.26.233.21 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.233.21

Whois 216.26.233.21

IP Abuse Reports for 216.26.233.21:

This IP address has been reported a total of 24 times from 14 distinct sources. 216.26.233.21 was first reported on September 28th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 georgengelmann	2026-06-12 06:33:38 (1 day ago)	Failed login attempt for admin	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-06-11 18:34:04 (2 days ago)	Wordfence waf block on pameganslaw	Web App Attack
🇨🇳 ThreatBook.io	2026-05-16 23:43:27 (3 weeks ago)	ThreatBook Intelligence: http_proxy,Spam more details on https://threatbook.io/ip/216.26.233.21 2026 ... show more ThreatBook Intelligence: http_proxy,Spam more details on https://threatbook.io/ip/216.26.233.21 2026-05-16 20:12:44 / 2026-05-16 19:27:11 / 2026-05-16 19:27:28 / show less	Web App Attack
🇧🇷 Halux	2026-05-13 04:19:54 (1 month ago)	216.26.233.21 Probing protected path or service	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 10:21:33 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇵🇱 sefinek.net	2025-12-26 23:55:05 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇷 RocketEmi	2025-11-28 01:57:04 (6 months ago)	They are probing for vulnerable files to hack my website.	Hacking
🇺🇸 TPI-Abuse	2025-11-26 09:27:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:27:18.302971 2025] [security2:error] [pid 4258:tid 4258] [client 216.26.233.21:40581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobilecasino.fisseq.com"] [uri "/.env"] [unique_id "aSbH9tvWaabZvR0D3N8QCgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:00:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:00:05.746852 2025] [security2:error] [pid 9742:tid 9742] [client 216.26.233.21:30843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.orozco-wallraff.com"] [uri "/.git/HEAD"] [unique_id "aSaXZWhGQ7tH9sxq3BJT8AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:39:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:39:19.138809 2025] [security2:error] [pid 11936:tid 11936] [client 216.26.233.21:44291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.flyinganorak.com"] [uri "/.git/HEAD"] [unique_id "aSZaRw0SbJaYHEloUQs-JgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:02:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:02:44.494181 2025] [security2:error] [pid 4965:tid 4965] [client 216.26.233.21:39409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cherryblossomplayers.royal-barbershop.com"] [uri "/.svn/wc.db"] [unique_id "aSZRtG2ILr9hSh0nS_I9AQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 07:58:13 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-14 00:20:50 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:06:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.233.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:06:38.273375 2025] [security2:error] [pid 25920:tid 25920] [client 216.26.233.21:53323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bigbikers.net"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRWRjnNkJg3-lUPI-zm93wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-03 17:52:00 (7 months ago)	Unauthorized connection attempt	Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.181.51.113

🇧🇷 190.115.84.25

🇸🇬 43.153.215.224

🇧🇩 163.227.239.123

🇨🇳 120.48.175.122

🇷🇴 80.94.92.171

🇸🇬 47.128.112.51

🇸🇬 43.153.208.49

🇸🇬 43.153.207.127

🇺🇸 138.197.39.208

🇸🇪 81.226.129.67

🇳🇱 45.148.10.151

🇸🇬 43.153.205.132

🇸🇬 43.153.192.98

🇺🇸 43.153.19.83

🇧🇪 35.195.179.171

🇨🇦 34.130.75.138

🇺🇸 20.9.67.71

🇫🇷 185.177.72.16

🇲🇴 182.93.50.90