JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.235.82

216.26.235.82 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 34%: ?

34%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.235.82

Whois 216.26.235.82

IP Abuse Reports for 216.26.235.82:

This IP address has been reported a total of 38 times from 13 distinct sources. 216.26.235.82 was first reported on September 27th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-16 22:47:07 (8 hours ago)	(mod_security) mod_security (id:900001) triggered by 216.26.235.82: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 216.26.235.82: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 17 01:47:07.110592 2026] [security2:error] [pid 2210176:tid 2210268] [client 216.26.235.82:53609] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "ajHSa40pb6dkgQfaMdDRwwAAAQ0"], referer: https://asteriassantorini.com/wp-login.php show less	Port Scan
🇲🇹 Malta	2026-06-15 06:18:50 (2 days ago)	216.26.235.82 - - [15/Jun/2026:08:18:50 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 216.26.235.82 - - [15/Jun/2026:08:18:50 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇳🇿 billyborsht	2026-06-14 17:58:28 (2 days ago)	2026-06-15T05:58:28.157849+12:00 southern wordpress(blogs.thinktank.co.nz)[773076]: Authentication a ... show more 2026-06-15T05:58:28.157849+12:00 southern wordpress(blogs.thinktank.co.nz)[773076]: Authentication attempt for unknown user root from 216.26.235.82 ... show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-14 17:30:21 (2 days ago)	(y4) Failed scan -byebye- from 216.26.235.82 (US/United States/-): (CF_ENABLE)	Hacking
🇩🇪 iNetWorker	2026-06-13 07:11:01 (3 days ago)	trolling for resource vulnerabilities	Web App Attack
🇬🇷 setupgr	2026-06-13 04:33:40 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 216.26.235.82: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 216.26.235.82: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 07:33:40.140470 2026] [security2:error] [pid 568633:tid 568674] [client 216.26.235.82:44151] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "aizdpAwee1nHdDysdvf4egAAAQA"], referer: https://mail.asteriassantorini.com/wp-login.php show less	Port Scan
🇱🇻 garmtech.com	2026-05-02 18:18:24 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-18.216.26.235.82.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-18.216.26.235.82.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-03-25 07:52:50 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-52.216.26.235.82.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-52.216.26.235.82.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-12-04 17:41:22 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-41.216.26.235.82.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-41.216.26.235.82.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:30:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:30:36.493673 2025] [security2:error] [pid 31205:tid 31205] [client 216.26.235.82:17771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.achari.com"] [uri "/.svn/wc.db"] [unique_id "aSQXrO9erNULbUnRv3OnGwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:48:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:47:13.598483 2025] [security2:error] [pid 30655:tid 30655] [client 216.26.235.82:47265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brunerdevelopment.littlehorndesign.com"] [uri "/.svn/wc.db"] [unique_id "aSQNgbIKex0rwTnLMPUZXgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:30:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:30:20.140132 2025] [security2:error] [pid 12137:tid 12137] [client 216.26.235.82:23205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.photospecialties.net"] [uri "/.svn/wc.db"] [unique_id "aSP7fJIZ0Z_plfHy4tp0UAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:15:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:15:08.293194 2025] [security2:error] [pid 18325:tid 18328] [client 216.26.235.82:15817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.credit-card-cap.com"] [uri "/.env"] [unique_id "aSPbzLibCkDUtlE56PAanAAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:32:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.235.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:32:52.592314 2025] [security2:error] [pid 6773:tid 6773] [client 216.26.235.82:10465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ftiptondds.com"] [uri "/.svn/wc.db"] [unique_id "aSPR5DfTETcucupnlqs-SAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 13:45:33 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:40:47	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.239

🇩🇪 185.132.46.108

🇺🇸 162.216.149.162

🇨🇳 118.212.122.150

🇰🇷 106.246.224.218

🇨🇦 85.217.149.56

🇮🇳 223.228.135.151

🇰🇷 220.87.67.230

🇧🇬 213.183.62.12

🇦🇷 186.148.224.183

🇨🇳 182.242.168.172

🇧🇷 177.84.92.181

🇵🇰 153.117.127.229

🇵🇰 153.117.32.248

🇨🇳 124.88.113.253

🇨🇳 124.31.107.247

🇨🇳 123.150.80.157

🇻🇳 118.71.20.55

🇨🇳 111.113.88.210

🇺🇸 104.28.213.40