JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.239.165

216.26.239.165 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.239.165

Whois 216.26.239.165

IP Abuse Reports for 216.26.239.165:

This IP address has been reported a total of 14 times from 9 distinct sources. 216.26.239.165 was first reported on October 16th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 myagent.site	2026-01-13 11:56:10 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2025-12-31 12:41:46 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:30:01 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:29:54.586293 2025] [security2:error] [pid 19875:tid 19875] [client 216.26.239.165:33729] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|caretakerspestcontrol.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "caretakerspestcontrol.com"] [uri "/JMRussell.com"] [unique_id "aS6Vcj7QnkTeYqgLXicMUgAAAA4"], referer: http://caretakerspestcontrol.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 Mcshield.org	2025-12-01 07:32:08 (6 months ago)	Connection closed by 216.26.239.165 [preauth] or weird packet	Brute-Force SSH
🇨🇭 backslash	2025-12-01 01:20:01 (6 months ago)		Web Spam
🇵🇱 sefinek.net	2025-11-28 13:42:39 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 18:50:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 13:50:02.052260 2025] [security2:error] [pid 6633:tid 6633] [client 216.26.239.165:10079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1800glass.com"] [uri "/.env"] [unique_id "aSidWh7c1dCIPvB0ws_t1gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:40:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:40:41.075733 2025] [security2:error] [pid 16464:tid 16603] [client 216.26.239.165:22481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.oohrah.us"] [uri "/.env"] [unique_id "aSQoGet9535l6Z-c96sKaAAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:17:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:08.513965 2025] [security2:error] [pid 6224:tid 6224] [client 216.26.239.165:39739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.marshvineyards.com"] [uri "/.svn/wc.db"] [unique_id "aSQGdIkjVsq7TRUBdSvjzQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:47:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:47:00.340451 2025] [security2:error] [pid 4133561:tid 4133571] [client 216.26.239.165:57833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mastersofthesecrets.com"] [uri "/.svn/wc.db"] [unique_id "aSPxVM6lE8qghk7QOEUzEgAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:22.046801 2025] [security2:error] [pid 12366:tid 12366] [client 216.26.239.165:16817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.borgeschiro.southtahoechurchofchrist.com"] [uri "/.git/HEAD"] [unique_id "aSPrUs86lh7THnJ7KY5mRAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-11-23 05:08:03 (6 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
Anonymous	2025-11-01 23:45:00 (7 months ago)	Unauthorized connection attempt	Brute-Force
Anonymous	2025-10-16 12:25:06 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.142.193.12

🇧🇷 201.76.120.30

🇿🇦 185.132.186.49

🇦🇷 181.191.67.105

🇳🇱 160.119.71.12

🇷🇺 147.45.48.17

🇺🇸 107.174.137.235

🇷🇴 102.129.186.123

🇳🇱 185.223.235.10

🇺🇸 174.169.224.27

🇺🇸 147.185.132.219

🇩🇪 130.12.180.134

🇻🇳 103.130.213.223

🇲🇳 103.50.205.131

🇦🇪 20.74.132.130

🇷🇴 2.57.121.25

🇨🇳 221.228.10.226

🇪🇹 196.188.93.169

🇭🇰 185.227.153.56

🇵🇭 126.209.112.110