JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.238.117

216.26.238.117 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.238.117

Whois 216.26.238.117

IP Abuse Reports for 216.26.238.117:

This IP address has been reported a total of 29 times from 14 distinct sources. 216.26.238.117 was first reported on September 28th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-01-26 02:35:38 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 nowyouknow	2026-01-11 16:23:46 (4 months ago)	(From [email protected]) Stop Wasting Ad Spend: Get Real, Targeted Traffic Tired of low-q ... show more (From [email protected]) Stop Wasting Ad Spend: Get Real, Targeted Traffic Tired of low-quality traffic? Join GTC and start getting 100% targeted, real visitors who are actively searching for your offer. Boost your conversions and grow your business the smart way. Click to Join & Get Targeted Clicks Today! ----> https://morewebtraffic.online/ show less	Phishing Web Spam
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
🇵🇱 sefinek.net	2025-12-15 17:34:11 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 08:43:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:43:54.141594 2025] [security2:error] [pid 3738190:tid 3738225] [client 216.26.238.117:32221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.davidtung.com"] [uri "/.env"] [unique_id "aSa9ytynXzP7IZS7N5-q4gAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:29:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:29:27.752664 2025] [security2:error] [pid 10045:tid 10045] [client 216.26.238.117:59021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mikedeutsch.com"] [uri "/.env"] [unique_id "aSaQNzXf_f7oxm0srx16WAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-26 05:19:36 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 03:18:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:18:20.228337 2025] [security2:error] [pid 13671:tid 13671] [client 216.26.238.117:35981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rntoday.com"] [uri "/.git/HEAD"] [unique_id "aSZxfOOKbE8P892CE2GU5AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:21:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:21:38.134340 2025] [security2:error] [pid 5476:tid 5476] [client 216.26.238.117:10909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thehomedaleinn.com"] [uri "/.env"] [unique_id "aSZWIq-fZftWs0Vg9TGHwgAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:10:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:10:53.812640 2025] [security2:error] [pid 18325:tid 18346] [client 216.26.238.117:55955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.eadweb.com"] [uri "/.svn/wc.db"] [unique_id "aSPazbibCkDUtlE56PAY3wAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 techboy117	2025-11-14 00:46:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
Anonymous	2025-11-13 21:46:50 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇦🇺 oncord	2025-11-13 02:50:07 (6 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-11-10 21:17:05 (7 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-10 13:17:47 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.26.238.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 08:17:42.340377 2025] [security2:error] [pid 20522:tid 20522] [client 216.26.238.117:40703] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.nebraskaassistedliving.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.nebraskaassistedliving.com"] [uri "/s3cmd.ini"] [unique_id "aRHl9i-kp--eGv80PwFh6wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.228

🇫🇷 79.127.134.229

🇳🇱 45.128.199.178

🇺🇸 195.184.76.2

🇧🇪 194.187.251.91

🇫🇮 185.148.3.241

🇮🇳 182.95.178.206

🇺🇸 165.154.162.104

🇮🇳 117.203.104.74

🇳🇱 91.92.42.147

🇨🇦 85.217.149.5

🇯🇵 43.133.194.186

🇸🇬 43.133.61.254

🇲🇽 201.140.123.130

🇩🇪 192.109.200.215

🇺🇸 147.185.132.35

🇧🇩 123.49.60.158

🇺🇸 45.61.125.82

🇷🇴 2.57.121.25

🇰🇷 203.252.10.3