JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.239.23

216.26.239.23 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.239.23

Whois 216.26.239.23

IP Abuse Reports for 216.26.239.23:

This IP address has been reported a total of 14 times from 5 distinct sources. 216.26.239.23 was first reported on November 24th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-13 18:58:10 (3 weeks ago)	[WedMay1320:58:03.5225262026][security2:error][pid3356989:tid3357047][client216.26.239.23:0]ModSecur ... show more [WedMay1320:58:03.5225262026][security2:error][pid3356989:tid3357047][client216.26.239.23:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"vocenellanima.ch\"][uri\"/.git/HEAD\"][unique_id\"agTJu4xoLQjcb-gT07wAxQAAANg\"] show less	Hacking Web App Attack
🇫🇷 dynamix	2026-01-06 10:56:18 (4 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-12-29 00:48:00 (5 months ago)	2025-12-29T02:48:00.051555+02:00 zanati wp(www.sahpa.co.za)[398020]: Blocked authentication attempt ... show more 2025-12-29T02:48:00.051555+02:00 zanati wp(www.sahpa.co.za)[398020]: Blocked authentication attempt for [email protected] from 216.26.239.23 ... show less	Web App Attack
🇮🇹 VHosting	2025-12-24 15:35:02 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:03:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:03:22.443366 2025] [security2:error] [pid 2142:tid 2142] [client 216.26.239.23:40197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sunnygolfvillas.com"] [uri "/.git/HEAD"] [unique_id "aS9GCgEyyOYolQsOMUKhMAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:44:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:44:38.724123 2025] [security2:error] [pid 32353:tid 32353] [client 216.26.239.23:20297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evelowerealtor.com"] [uri "/.env"] [unique_id "aS9BpjFb5lpegez93ashYQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:10:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:09:53.714232 2025] [security2:error] [pid 20978:tid 20978] [client 216.26.239.23:26161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oliverhardy.com"] [uri "/.git/HEAD"] [unique_id "aSZhcQek-EiejC6sKm3_JgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:27:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:27:36.258927 2025] [security2:error] [pid 32253:tid 32253] [client 216.26.239.23:52457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.earthtwoworkshop.com"] [uri "/.svn/wc.db"] [unique_id "aSZJeDiVr6IRX7sxWgOiqAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:42:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:41:59.909958 2025] [security2:error] [pid 26814:tid 26814] [client 216.26.239.23:35853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.danharrisphotoart.com"] [uri "/.git/HEAD"] [unique_id "aSUzl4Wgp6vJbhD95dyGNQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:29.131650 2025] [security2:error] [pid 13757:tid 13835] [client 216.26.239.23:18235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sportsoutreachnc.org"] [uri "/.env"] [unique_id "aSUrvb2j_Ew1xiyiewwT7AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:37:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:37:36.938506 2025] [security2:error] [pid 17296:tid 17296] [client 216.26.239.23:13881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mylitta.com"] [uri "/.git/HEAD"] [unique_id "aSUWcCuAADPzSPrdasu_WQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:37.126828 2025] [security2:error] [pid 16252:tid 16252] [client 216.26.239.23:28191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kulacenterky.com"] [uri "/.git/HEAD"] [unique_id "aSUCwYibG_cVV_vgEvQAnwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:07:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:07:25.631096 2025] [security2:error] [pid 20341:tid 20341] [client 216.26.239.23:15783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.egret.us"] [uri "/.svn/wc.db"] [unique_id "aSTzPQHE4S6hCpJ51gOp5QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:13:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.239.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:12:32.269843 2025] [security2:error] [pid 32529:tid 32529] [client 216.26.239.23:28441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.campos.tv"] [uri "/.svn/wc.db"] [unique_id "aSQTcLmEs7ppg1Qeq-eNVgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.187.176.94

🇸🇾 188.132.249.209

🇺🇸 147.185.132.25

🇭🇰 103.146.159.173

🇷🇴 102.129.186.87

🇧🇬 79.124.40.174

🇫🇷 62.210.142.176

🇫🇷 62.210.142.163

🇺🇸 20.228.193.165

🇱🇰 220.247.224.226

🇩🇪 213.209.159.56

🇲🇽 187.251.123.104

🇮🇳 182.156.80.11

🇩🇪 178.105.241.20

🇰🇷 175.213.137.209

🇮🇳 122.161.242.64

🇨🇳 120.48.106.205

🇮🇹 89.21.197.38

🇸🇳 41.82.123.173

🇭🇰 223.16.42.98