JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.236.218

216.26.236.218 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.236.218

Whois 216.26.236.218

IP Abuse Reports for 216.26.236.218:

This IP address has been reported a total of 26 times from 13 distinct sources. 216.26.236.218 was first reported on September 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-09 04:05:12 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-06 19:06:32 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-03-13 19:41:26 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 mnsf	2026-02-15 23:06:19 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:21 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇫🇷 LRob.fr	2026-02-15 00:45:03 (4 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 mnsf	2026-02-14 22:06:06 (4 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
Anonymous	2025-12-30 13:22:34 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:00:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:00:01.680078 2025] [security2:error] [pid 25782:tid 25782] [client 216.26.236.218:38033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kildarafarms.com"] [uri "/.svn/wc.db"] [unique_id "aVIY4UemthykX7tErsaMFAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:04:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:04:06.219080 2025] [security2:error] [pid 4600:tid 4600] [client 216.26.236.218:21405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.evannine.com"] [uri "/.git/HEAD"] [unique_id "aSUqtjSLOpPYQHZ4YsmoGQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:40:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:40:50.107526 2025] [security2:error] [pid 28390:tid 28390] [client 216.26.236.218:57675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.portraitartisans.com"] [uri "/.svn/wc.db"] [unique_id "aSUlQqikyjRZjidTBqZuDgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:01:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:01:45.359632 2025] [security2:error] [pid 12501:tid 12501] [client 216.26.236.218:40543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.photoboothtogo.com"] [uri "/.svn/wc.db"] [unique_id "aSUcGXvMe8B5CBc1L2Mz1AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:02:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:02:19.691006 2025] [security2:error] [pid 18008:tid 18008] [client 216.26.236.218:39993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cayman-islands-real-estate.com"] [uri "/.git/HEAD"] [unique_id "aSUOKzFmU3gcS1dDDYTwxgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:10:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:10:11.070764 2025] [security2:error] [pid 1647139:tid 1647151] [client 216.26.236.218:53267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taxelon.maxelon.com"] [uri "/.git/HEAD"] [unique_id "aSUB855eMzOQPKYL6rLzFQAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:48:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:47:13.025911 2025] [security2:error] [pid 22849:tid 22849] [client 216.26.236.218:38037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gcchsa.org"] [uri "/.env"] [unique_id "aST8kTSxNCcbZZoJpTXUSQAAADo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.243.185.111

🇩🇪 69.5.169.104

🇮🇷 46.36.100.80

🇸🇨 45.194.67.101

🇺🇸 43.166.224.244

🇺🇸 43.153.59.240

🇸🇳 41.82.50.218

🇮🇪 34.243.245.9

🇺🇸 20.168.120.148

🇺🇸 2604:a880:400:d1:0:4:9626:a001

🇲🇽 187.251.123.104

🇺🇸 165.154.163.67

🇺🇸 161.35.2.225

🇭🇰 152.32.239.122

🇮🇳 152.32.159.97

🇮🇳 152.32.158.74

🇩🇪 91.98.134.147

🇷🇺 85.236.26.130

🇩🇪 82.115.21.205

🇱🇺 64.89.160.111