JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.239.189

216.26.239.189 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.239.189

Whois 216.26.239.189

IP Abuse Reports for 216.26.239.189:

This IP address has been reported a total of 10 times from 4 distinct sources. 216.26.239.189 was first reported on November 2nd 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-28 16:18:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 11:18:29.595339 2025] [security2:error] [pid 6093:tid 6093] [client 216.26.239.189:33577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dodgersboosterclub.com"] [uri "/.svn/wc.db"] [unique_id "aVFYVXuIgwxp21qSueQXKgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2025-12-18 07:06:06 (5 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 16:53:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 11:53:28.117258 2025] [security2:error] [pid 13473:tid 13473] [client 216.26.239.189:56635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelcaico.com"] [uri "/.env"] [unique_id "aTcCiMWpjT681xilzg94QQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:17:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:17:00.310316 2025] [security2:error] [pid 18237:tid 18237] [client 216.26.239.189:37869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelting.net"] [uri "/.git/HEAD"] [unique_id "aTQQrJch9jnF6MGi9Af6FgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 21:18:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 16:18:39.516937 2025] [security2:error] [pid 19593:tid 19593] [client 216.26.239.189:35593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myllc.email"] [uri "/.svn/wc.db"] [unique_id "aTNML_x233iMP6o0ZkE0agAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:43:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:43:14.277005 2025] [security2:error] [pid 23540:tid 23540] [client 216.26.239.189:39385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "birascreekresort.com"] [uri "/.env"] [unique_id "aTJw8tzJ1lGog3gVeNeTFAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-05 04:21:31 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-05 01:50:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:50:22.688168 2025] [security2:error] [pid 9874:tid 9874] [client 216.26.239.189:35095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "concertosupport.com"] [uri "/.env"] [unique_id "aTI6Xl6_EtJ-lN6TWYgLBwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:37:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:37:41.478498 2025] [security2:error] [pid 12993:tid 12993] [client 216.26.239.189:32127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cristalsupermercados.com"] [uri "/.env"] [unique_id "aSVOtTcKO-7a351GffsecAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 20:13:17 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:57:11	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.82

🇬🇧 185.216.145.190

🇬🇧 185.216.145.181

🇮🇳 157.50.103.45

🇹🇬 154.70.82.31

🇵🇱 87.251.64.176

🇨🇳 223.167.205.181

🇩🇪 217.60.245.42

🇲🇰 213.135.186.226

🇺🇸 193.34.75.162

🇺🇸 192.169.213.186

🇦🇺 175.36.166.203

🇺🇸 161.129.174.37

🇭🇰 156.251.179.157

🇨🇳 153.0.125.32

🇺🇸 129.146.247.247

🇨🇳 123.178.210.144

🇻🇳 113.161.160.126

🇮🇳 106.219.167.125

🇺🇸 91.242.73.199