JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.239.173

216.26.239.173 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.239.173

Whois 216.26.239.173

IP Abuse Reports for 216.26.239.173:

This IP address has been reported a total of 10 times from 3 distinct sources. 216.26.239.173 was first reported on November 2nd 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 13:48:32 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 02:37:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 21:37:40.974757 2026] [security2:error] [pid 26135:tid 26135] [client 216.26.239.173:56413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "san-marino-boat-registration.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aWmkdGHRvgAvgHnsUotCcAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 00:48:27 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 19:48:23.524758 2025] [security2:error] [pid 8381:tid 8381] [client 216.26.239.173:39091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danielbrower.com"] [uri "/.svn/wc.db"] [unique_id "aTYgV2mGwPNAw2zy09WgBwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 18:45:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 13:45:15.935657 2025] [security2:error] [pid 29473:tid 29473] [client 216.26.239.173:55091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ticmonster.com"] [uri "/.svn/wc.db"] [unique_id "aTXLOyESmo3TxjFq5BJrrwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 21:40:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 16:40:48.738046 2025] [security2:error] [pid 29319:tid 29319] [client 216.26.239.173:53897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asiabeef.network"] [uri "/.svn/wc.db"] [unique_id "aTSi4OIF44H27pGAMc2fOQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:55:54 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:55:49.255067 2025] [security2:error] [pid 9588:tid 9588] [client 216.26.239.173:54529] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|imageries.net\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "imageries.net"] [uri "/.svn/wc.db"] [unique_id "aTQn1V_ZUNx0WZSzjiIIOwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 21:10:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 16:10:12.694366 2025] [security2:error] [pid 22987:tid 23010] [client 216.26.239.173:12667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seracon.com.ec"] [uri "/.env"] [unique_id "aTNKNAIwz6uMBEjbH3c48gAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:19:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:19:38.612763 2025] [security2:error] [pid 30519:tid 30519] [client 216.26.239.173:22331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coolcustomproducts.com"] [uri "/.env"] [unique_id "aTMUKuInEJZDrCYNtdEKUAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:00:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:00:22.586263 2025] [security2:error] [pid 17386:tid 17386] [client 216.26.239.173:51601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geriterry.com"] [uri "/.svn/wc.db"] [unique_id "aTJ09lDt5hgYI-rGQ_1DxgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 19:04:44 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:58:13	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 192.36.109.82

🇺🇸 172.203.234.251

🇺🇸 161.123.218.106

🇳🇬 152.32.140.39

🇨🇳 115.190.83.184

🇮🇩 103.171.85.192

🇸🇪 46.59.90.49

🇭🇰 45.10.175.77

🇵🇱 213.92.220.103

🇺🇸 206.162.244.24

🇦🇪 198.38.94.14

🇸🇪 192.36.109.125

🇸🇪 192.36.109.118

🇸🇬 178.128.84.81

🇫🇮 178.20.210.151

🇵🇪 161.132.37.31

🇺🇸 71.6.237.246

🇮🇳 61.95.199.54

🇸🇪 192.36.109.116

🇭🇰 150.5.169.138