JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.234.121

216.26.234.121 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.234.121

Whois 216.26.234.121

IP Abuse Reports for 216.26.234.121:

This IP address has been reported a total of 25 times from 13 distinct sources. 216.26.234.121 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-19 10:42:47 (1 day ago)	[FriJun1912:42:43.1453992026][security2:error][pid2734459:tid2734753][client216.26.234.121:0]ModSecu ... show more [FriJun1912:42:43.1453992026][security2:error][pid2734459:tid2734753][client216.26.234.121:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"382\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"edomustech.ch.81-17-25-250.cpanel.site\"][uri\"/wp-content/plugins/metform/readme.txt\"][unique_id\"ajUdI1B5fhSx-FxsE7q-YAAAAQ4\"] show less	Hacking Web App Attack
🇮🇩 securejdprop	2026-06-10 22:25:27 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 65). Ip 216.26.234.121 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-10 22:25:26.634133886 +0000 UTC show less	Hacking Web App Attack
🇸🇬 securejdprop	2026-06-01 07:14:08 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 64). Ip 216.26.234.121 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-01 07:14:06.782751546 +0000 UTC show less	Hacking Web App Attack
Anonymous	2026-01-04 06:20:19 (5 months ago)	Infected user bad webscan	Exploited Host
🇵🇱 sefinek.net	2025-12-27 10:09:39 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-08 23:25:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:25:43.414903 2025] [security2:error] [pid 26475:tid 26475] [client 216.26.234.121:28409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christiannationalmilitia.com"] [uri "/.svn/wc.db"] [unique_id "aTded-zw-d-gf-vjW3hBJAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:19:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:19:14.567772 2025] [security2:error] [pid 17763:tid 17775] [client 216.26.234.121:46431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidholls.com"] [uri "/.svn/wc.db"] [unique_id "aTYLclHGsSTpVoqIg5ks-QAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:12:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:12:12.329579 2025] [security2:error] [pid 1597:tid 1597] [client 216.26.234.121:43485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zmgmt.net"] [uri "/.env"] [unique_id "aTQPjIGPDieMmBb3I__OawAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:39:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:39:23.082788 2025] [security2:error] [pid 10395:tid 10395] [client 216.26.234.121:50037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "finewebdining.com"] [uri "/.git/HEAD"] [unique_id "aSVdK4-8srofXpPl2yeYzwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:45:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:45:34.441843 2025] [security2:error] [pid 30992:tid 31082] [client 216.26.234.121:40045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exedesalesteam.com"] [uri "/.git/HEAD"] [unique_id "aSVQjgiHdlTmqu0bsgsp6QAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:15:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:14:53.786759 2025] [security2:error] [pid 18492:tid 18492] [client 216.26.234.121:50667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.seizethisseason.com"] [uri "/.env"] [unique_id "aSVJXW8olu2TFMUg-RGb6gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:30:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.234.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:30:49.770450 2025] [security2:error] [pid 16824:tid 16824] [client 216.26.234.121:26169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dorismitchell.com"] [uri "/.svn/wc.db"] [unique_id "aSUw-QVtJc0Sc0Ne5RxcfAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-11-17 02:04:33 (7 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 SiSm	2025-11-15 07:47:58 (7 months ago)	Web Form Spam	Web Spam
Anonymous	2025-11-14 20:31:35 (7 months ago)	(wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 216 ... show more (wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 216.26.234.121 (US/United States/-) show less	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:6c7d:4001

🇺🇸 66.132.172.155

🇸🇬 43.156.92.183

🇬🇧 2a06:4880:c000::dc

🇺🇸 173.244.60.155

🇺🇸 172.58.210.126

🇵🇭 120.28.109.188

🇧🇬 79.124.60.146

🇷🇺 217.114.1.240

🇬🇧 195.206.182.197

🇮🇹 172.71.114.96

🇺🇸 162.216.149.136

🇺🇸 147.185.132.105

🇮🇳 49.205.121.185

🇨🇳 42.5.142.196

🇺🇸 20.168.121.1

🇰🇷 1.241.64.237

🇰🇷 175.118.127.138

🇺🇸 137.184.159.183

🇸🇪 122.8.93.178