JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.236.96

216.26.236.96 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.236.96

Whois 216.26.236.96

IP Abuse Reports for 216.26.236.96:

This IP address has been reported a total of 22 times from 8 distinct sources. 216.26.236.96 was first reported on September 27th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 05:32:22 (3 weeks ago)	Brute force	Brute-Force
🇺🇸 LSPCCU	2026-05-06 14:33:46 (1 month ago)	TSEC Honeypot Network report. Threat score: 77/100. Categories: Hacking. Honeypot: ssh-telnet, cowri ... show more TSEC Honeypot Network report. Threat score: 77/100. Categories: Hacking. Honeypot: ssh-telnet, cowrie. Context: Attacker IP from Ashburn, United States (AS200373, 3xK Tech GmbH). show less	Hacking
🇺🇸 mnsf	2026-02-13 06:05:58 (3 months ago)	Too many Status 40X (12) Scanning/Probing (15)	Brute-Force Web App Attack
🇮🇩 Burayot	2026-02-13 06:00:41 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.236.96 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.236.96 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:52:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:52:22.832801 2025] [security2:error] [pid 5361:tid 5372] [client 216.26.236.96:9051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.utahhoaservices.com"] [uri "/.env"] [unique_id "aSaVlg6mFNQyT6yLV4IG_gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:15:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:15:27.440718 2025] [security2:error] [pid 2408893:tid 2408893] [client 216.26.236.96:53355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.partnersforaccess.net"] [uri "/.git/HEAD"] [unique_id "aSaM7-17WaqA_sblBDRHfgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:15:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:15:32.431750 2025] [security2:error] [pid 22108:tid 22108] [client 216.26.236.96:30853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.obfetal.com"] [uri "/.svn/wc.db"] [unique_id "aSZixJxhTIPZuUprp05mIQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:06:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:06:06.005723 2025] [security2:error] [pid 18957:tid 18957] [client 216.26.236.96:30579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxwetdenim.grayhost.net"] [uri "/.svn/wc.db"] [unique_id "aSZSfq_EWluSAbnHkbp-sQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:07:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:07:01.227057 2025] [security2:error] [pid 3147113:tid 3147138] [client 216.26.236.96:19181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "section64.org.wwwhst.com"] [uri "/.svn/wc.db"] [unique_id "aSZEpQ0e3bvGQ_CcO9hHiAAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:37:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:37:38.100227 2025] [security2:error] [pid 26531:tid 26531] [client 216.26.236.96:48993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.naturopathicsource.com"] [uri "/.env"] [unique_id "aSQZUkzE2IKviKJW5AEx0AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:48:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:47:15.745996 2025] [security2:error] [pid 19263:tid 19263] [client 216.26.236.96:24789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.deniz-bilgisayar.com"] [uri "/.git/HEAD"] [unique_id "aSQNg_Z4-eprTjh80U6KewAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:19:38.140687 2025] [security2:error] [pid 5956:tid 5956] [client 216.26.236.96:19621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.givemethemic.com"] [uri "/.git/HEAD"] [unique_id "aSQHCtafqQ_PQH6i-8a85gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:46:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.236.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:46:44.090367 2025] [security2:error] [pid 5954:tid 5954] [client 216.26.236.96:34681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.scadco.com"] [uri "/.svn/wc.db"] [unique_id "aSP_VG8uwiJWQQrsi3tSOQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 06:14:45 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-03 18:05:00 (7 months ago)	Unauthorized connection attempt	Brute-Force

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇱 192.109.220.211

🇮🇩 182.8.211.27

🇷🇴 2.57.121.25

🇨🇳 120.238.23.168

🇨🇳 113.0.152.164

🇺🇸 104.152.52.125

🇺🇸 104.28.214.122

🇮🇩 103.160.37.151

🇮🇳 103.87.105.191

🇨🇦 85.217.149.56

🇹🇷 85.105.46.199

🇮🇹 79.12.1.240

🇩🇪 69.5.169.242

🇮🇶 65.20.135.97

🇳🇱 45.148.10.157

🇺🇸 43.162.112.238

🇬🇧 35.203.210.219

🇧🇷 34.95.170.81

🇸🇬 198.38.91.141

🇨🇱 186.105.3.222