JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.235.42

216.26.235.42 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.235.42

Whois 216.26.235.42

IP Abuse Reports for 216.26.235.42:

This IP address has been reported a total of 35 times from 15 distinct sources. 216.26.235.42 was first reported on September 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LSPCCU	2026-05-06 06:30:29 (1 month ago)	TSEC Honeypot Network report. Threat score: 70/100. Categories: Hacking. Honeypot: ssh-telnet, cowri ... show more TSEC Honeypot Network report. Threat score: 70/100. Categories: Hacking. Honeypot: ssh-telnet, cowrie. Context: 216. show less	Hacking
🇱🇻 garmtech.com	2026-04-14 23:59:27 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-59.216.26.235.42.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-59.216.26.235.42.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇫🇷 conseilgouz	2026-03-04 23:24:54 (3 months ago)	upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=artic ... show more upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=article%27%20AND%205790%3DDBMS_PIPE.RECEIVE_MESSAGE%28CHR%281...(') show less	Hacking
🇫🇷 conseilgouz	2026-02-27 10:08:57 (3 months ago)	upe-13 : Block SQL injections=>/index.php?option=com_content&view=article%3BSELECT%20PG_SLEEP%28 ... show more upe-13 : Block SQL injections=>/index.php?option=com_content&view=article%3BSELECT%20PG_SLEEP%285%29--&id=161&catid=8 show less	Hacking
🇺🇸 mind5t0rm	2026-01-28 01:50:29 (4 months ago)	(WPLOGIN) WP Login Attack 216.26.235.42 (US/United States/-): 3 in the last 3600 secs; Ports: ; Dir ... show more (WPLOGIN) WP Login Attack 216.26.235.42 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 216.26.235.42 - - [28/Jan/2026:08:50:06 +0700] "GET /wp-login.php HTTP/2.0" 200 2819 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" 216.26.235.42 - - [28/Jan/2026:08:50:19 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2819 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 216.26.235.42 - - [28/Jan/2026:08:50:27 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2958 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇪🇸 10dencehispahard SL	2026-01-26 10:24:01 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-02 19:24:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:24:30.532066 2025] [security2:error] [pid 26119:tid 26119] [client 216.26.235.42:57871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adelaidapacific.com"] [uri "/.svn/wc.db"] [unique_id "aS887on_odAduHm1oAz9IAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:07:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:06:58.839562 2025] [security2:error] [pid 30085:tid 30085] [client 216.26.235.42:57915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristencorley.com"] [uri "/.git/HEAD"] [unique_id "aS840g438rEeOxyFI69BuQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:12.102310 2025] [security2:error] [pid 780:tid 780] [client 216.26.235.42:28565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earlyeditionbooks.com"] [uri "/.git/HEAD"] [unique_id "aS6bJBzsfhGn1XHYtg53ugAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:00:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:00:35.327802 2025] [security2:error] [pid 4079:tid 4079] [client 216.26.235.42:27803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artisticheadstones.com"] [uri "/.svn/wc.db"] [unique_id "aS5yc91MAaAJWMfMS8omsAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:43:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:43:34.188748 2025] [security2:error] [pid 6786:tid 6811] [client 216.26.235.42:33529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "philacentric.com"] [uri "/.svn/wc.db"] [unique_id "aS5udnj3mgXjraSUDsTKCgAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 22:05:26 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 london2038.com	2025-10-27 13:24:43 (7 months ago)	Connection atttempts against closed TCP ports Oct 27 14:24:39 BLOCK SRC=216.26.235.42 LEN=60 TOS=0x0 ... show more Connection atttempts against closed TCP ports Oct 27 14:24:39 BLOCK SRC=216.26.235.42 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=62077 DF PROTO=TCP SPT=19785 DPT=22 WINDOW=65535 RES=0x00 SYN Oct 27 14:24:40 BLOCK SRC=216.26.235.42 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=62078 DF PROTO=TCP SPT=19785 DPT=22 WINDOW=65535 RES=0x00 SYN Oct 27 14:24:41 BLOCK SRC=216.26.235.42 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=62079 DF PROTO=TCP SPT=19785 DPT=22 WINDOW=65535 RES=0x00 SYN show less	Port Scan
Anonymous	2025-10-26 20:54:00 (7 months ago)	wordpress-trap	Web App Attack
🇳🇱 EGP Abuse Dept	2025-10-26 13:40:54 (7 months ago)	Unauthorized connection to SSH port 22	Port Scan Hacking SSH

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.51.208.158

🇧🇷 177.130.252.131

🇸🇬 43.156.82.40

🇨🇳 218.6.161.46

🇰🇷 210.114.22.126

🇨🇭 209.99.189.177

🇪🇹 196.188.187.45

🇬🇧 195.206.182.212

🇪🇪 192.159.101.186

🇧🇴 190.129.122.12

🇲🇽 186.96.145.241

🇳🇱 185.242.226.19

🇮🇩 182.3.38.240

🇮🇩 180.252.171.146

🇧🇷 179.102.26.14

🇧🇷 170.238.160.191

🇺🇸 162.216.150.119

🇺🇸 162.216.150.96

🇮🇳 162.158.227.177

🇳🇱 159.223.213.49