JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.239.0

216.26.239.0 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.239.0

Whois 216.26.239.0

IP Abuse Reports for 216.26.239.0:

This IP address has been reported a total of 26 times from 14 distinct sources. 216.26.239.0 was first reported on October 16th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-12 02:42:15 (6 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇬🇧 PeravixGroup	2026-06-09 19:30:47 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 WizardsToolkit	2026-04-19 19:50:49 (1 month ago)	tried to access forbidden files; attempted to access /backup.sql	Web App Attack
🇦🇺 2000cn.com.au	2026-04-18 22:40:47 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 mnsf	2026-02-13 05:05:10 (4 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇷🇺 DZBOT	2026-02-10 17:17:46 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇬🇧 Axel	2026-02-10 02:52:27 (4 months ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /new/.git/con ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /new/.git/config show less	Hacking SQL Injection Web App Attack
🇬🇧 openstrike.co.uk	2025-12-12 08:39:45 (6 months ago)	9 packets to port 2083	Port Scan
🇬🇧 D3monite	2025-12-09 18:24:17 (6 months ago)	Attempted Brute Force (cpaneld)	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 12:19:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:19:17.484013 2025] [security2:error] [pid 16581:tid 16581] [client 216.26.239.0:20487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genies-bottle.nmorganist.org"] [uri "/.git/HEAD"] [unique_id "aSbwRU5-OkiorGPY-tuksQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:19:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:19:20.518715 2025] [security2:error] [pid 1968:tid 1968] [client 216.26.239.0:27467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.barbaraedidin.com"] [uri "/.git/HEAD"] [unique_id "aSbUKMl24AW8RRWiIVReRQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:59:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:59:27.829789 2025] [security2:error] [pid 27455:tid 27455] [client 216.26.239.0:29295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sarawatt.com"] [uri "/.env"] [unique_id "aSaJL3o_eq0paXPyxkgPnwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:47:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:47:52.727599 2025] [security2:error] [pid 23859:tid 23859] [client 216.26.239.0:13597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.amplifihearing.com"] [uri "/.env"] [unique_id "aSZOOOJNv82JRy46OUkFjQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:05:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:05:40.490793 2025] [security2:error] [pid 25191:tid 25191] [client 216.26.239.0:60851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rimworld.com"] [uri "/.git/HEAD"] [unique_id "aSZEVHLsQ3qD89sDN95MlAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇹 NotACaptcha	2025-11-24 15:04:10 (6 months ago)	webserver:80 [24/Nov/2025] "GET /.git/HEAD HTTP/1.1" 302 432 "-" "Mozilla/5.0 (Windows NT 10.0; Win ... show more webserver:80 [24/Nov/2025] "GET /.git/HEAD HTTP/1.1" 302 432 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.127.148.6

🇳🇵 202.70.78.237

🇳🇱 173.194.169.83

🇺🇸 172.121.159.153

🇮🇳 171.76.7.222

🇭🇰 152.32.209.166

🇮🇷 151.232.73.16

🇹🇭 118.194.250.245

🇩🇪 118.193.59.41

🇻🇳 103.232.123.13

🇯🇵 101.36.104.242

🇺🇸 66.132.195.58

🇺🇸 64.181.235.238

🇺🇸 43.153.69.201

🇻🇳 14.225.206.187

🇩🇿 154.241.110.134

🇺🇸 143.42.173.60

🇹🇼 128.14.237.120

🇷🇺 91.211.236.106

🇬🇧 80.1.51.168