JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.241.152

216.26.241.152 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.241.152

Whois 216.26.241.152

IP Abuse Reports for 216.26.241.152:

This IP address has been reported a total of 16 times from 7 distinct sources. 216.26.241.152 was first reported on October 15th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2025-12-28 03:04:55 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇲🇹 Malta	2025-12-18 17:32:27 (5 months ago)	216.26.241.152 - - [18/Dec/2025:18:32:27 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 216.26.241.152 - - [18/Dec/2025:18:32:27 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	VPN IP Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:28:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:28:23.384511 2025] [security2:error] [pid 27422:tid 27422] [client 216.26.241.152:16903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.iat.com.pa"] [uri "/.svn/wc.db"] [unique_id "aSbkV2d36Lln7rUXR_gCQwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:24:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:24:08.231773 2025] [security2:error] [pid 29493:tid 29493] [client 216.26.241.152:50891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freight.michaelpmcgrath.com"] [uri "/.svn/wc.db"] [unique_id "aSadCH05OIyD2MX5y1gFnQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:01:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:01:17.674978 2025] [security2:error] [pid 27870:tid 27870] [client 216.26.241.152:30753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.73.org"] [uri "/.svn/wc.db"] [unique_id "aSaXrX8eRVYWShrEwfCtywAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:22:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:21:53.911892 2025] [security2:error] [pid 22244:tid 22244] [client 216.26.241.152:50437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ultratecnologia.com"] [uri "/.git/HEAD"] [unique_id "aSZyUXdqaQbFg88AFXZW1AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 02:02:19 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-26 00:39:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:39:44.797177 2025] [security2:error] [pid 10863:tid 10863] [client 216.26.241.152:9559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.volunteergems.com"] [uri "/.git/HEAD"] [unique_id "aSZMUIt3bI46VjfM5Z3S_gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:13:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:13:01.627357 2025] [security2:error] [pid 3776743:tid 3776743] [client 216.26.241.152:55653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.resilientigm.com"] [uri "/.git/HEAD"] [unique_id "aSQhnZNBC_vuXPmDunjqzgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:44:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:44:28.301642 2025] [security2:error] [pid 132008:tid 132020] [client 216.26.241.152:22073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.financialanalyst.org"] [uri "/.env"] [unique_id "aSQa7AH-XN5lTt6cMbeWoQAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:36:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:36:31.670048 2025] [security2:error] [pid 15609:tid 15609] [client 216.26.241.152:23205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rmjaero.com"] [uri "/.env"] [unique_id "aSPgzy9KbOm30uIskmhvWwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:48:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:48:43.051194 2025] [security2:error] [pid 23328:tid 23328] [client 216.26.241.152:20387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.salvoni.org"] [uri "/.svn/wc.db"] [unique_id "aSPVm_sq7iq59_8ABnfVKAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-22 22:10:01 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.26.241.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 22 17:09:57.723548 2025] [security2:error] [pid 31473:tid 31473] [client 216.26.241.152:47115] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|classicairsoft.org.lopansri.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "classicairsoft.org.lopansri.com"] [uri "/s3cmd.ini"] [unique_id "aSI0tVJeAYWz7CAc9SVVywAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 23:44:00 (7 months ago)	Unauthorized connection attempt	Brute-Force
🇫🇷 dynamix	2025-10-16 09:52:04 (7 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.71

🇺🇸 147.185.132.55

🇲🇾 51.162.194.94

🇸🇪 46.59.93.200

🇳🇱 45.156.87.166

🇬🇧 35.203.211.190

🇮🇳 182.95.122.110

🇸🇪 171.25.158.47

🇮🇳 122.187.240.209

🇨🇳 120.48.60.18

🇨🇳 114.245.243.154

🇮🇹 93.92.78.49

🇺🇸 68.183.108.203

🇺🇸 64.94.153.233

🇨🇳 61.155.106.101

🇳🇱 45.148.10.157

🇷🇴 2.57.121.25

🇹🇭 1.1.179.83

🇺🇸 172.93.102.236

🇺🇸 136.144.35.59