JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.241.167

216.26.241.167 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.241.167

Whois 216.26.241.167

IP Abuse Reports for 216.26.241.167:

This IP address has been reported a total of 13 times from 9 distinct sources. 216.26.241.167 was first reported on October 2nd 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-29 06:54:03 (17 hours ago)	Wordfence waf block on ncrsol	Web App Attack
🇫🇷 ELYAZ	2026-06-29 06:37:36 (17 hours ago)	(y4) Failed scan -byebye- from 216.26.241.167 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-28 08:43:35 (1 day ago)	216.26.241.167 - - [28/Jun/2026:10:43:35 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 216.26.241.167 - - [28/Jun/2026:10:43:35 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 10:32:14 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇩🇪 Lino Project	2026-01-17 10:51:18 (5 months ago)	216.26.241.167 - - [17/Jan/2026:11:51:15 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1. ... show more 216.26.241.167 - - [17/Jan/2026:11:51:15 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1" 403 6767 "-" "curl/8.6.0" 216.26.241.167 - - [17/Jan/2026:11:51:17 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1" 403 6537 "https://www.primobio.it/wp-admin/admin.php?page=wc-orders" "curl/8.6.0" 216.26.241.167 - - [17/Jan/2026:11:51:18 +0100] "GET /wp-admin/admin.php?page=wc-reports&range=year HTTP/1.1" 403 6537 "-" "curl/8.6.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-01-17 08:50:25 (5 months ago)	216.26.241.167 - - [17/Jan/2026:09:50:21 +0100] "GET /wp-admin/plugins.php HTTP/1.1" 403 6537 "-" "c ... show more 216.26.241.167 - - [17/Jan/2026:09:50:21 +0100] "GET /wp-admin/plugins.php HTTP/1.1" 403 6537 "-" "curl/7.88.1" 216.26.241.167 - - [17/Jan/2026:09:50:22 +0100] "GET /wp-admin/post-new.php HTTP/1.1" 403 6537 "-" "Wget/1.21.4" 216.26.241.167 - - [17/Jan/2026:09:50:23 +0100] "GET /wp-admin/edit.php?post_type=shop_order HTTP/1.1" 403 6537 "-" "Wget/1.21.4" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 12:28:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 07:28:07.773317 2025] [security2:error] [pid 17929:tid 17929] [client 216.26.241.167:29233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "happyjackmc.com"] [uri "/.git/HEAD"] [unique_id "aVJz1yDe0p1S2Z2lJSDpWQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 11:49:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 06:49:45.780691 2025] [security2:error] [pid 25200:tid 25200] [client 216.26.241.167:35825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bitcoinsquaretrade.com"] [uri "/.env"] [unique_id "aVJq2bDld90HjwX0B8AqrAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 09:03:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:03:03.433351 2025] [security2:error] [pid 30131:tid 30265] [client 216.26.241.167:39307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerresource.com"] [uri "/.svn/wc.db"] [unique_id "aVJDx0VAh6RHudF0KcbA6wAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:49:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:49:40.325249 2025] [security2:error] [pid 30416:tid 30416] [client 216.26.241.167:37077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbcconsult.com"] [uri "/.env"] [unique_id "aVIIZBb-jGJaEg8AzbRVDwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-03 11:15:00 (7 months ago)	Unauthorized connection attempt	Brute-Force
Anonymous	2025-11-02 17:25:45 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:57:08	Port Scan Brute-Force Exploited Host Web App Attack
🇩🇪 rh24	2025-10-02 20:07:33 (8 months ago)	(wordpress) Failed wordpress login from 216.26.241.167 (US/United States/-)	Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4883:1000::14

🇭🇰 221.126.77.158

🇧🇷 189.11.24.165

🇬🇧 87.236.176.86

🇳🇱 45.153.34.137

🇳🇱 185.242.226.19

🇨🇳 182.92.202.149

🇺🇸 147.185.132.213

🇨🇦 142.120.87.126

🇺🇸 134.122.17.241

🇨🇳 120.48.99.236

🇰🇭 110.235.250.5

🇫🇮 86.54.25.235

🇺🇸 66.132.195.15

🇱🇹 62.60.130.219

🇲🇾 49.124.152.252

🇷🇺 46.151.246.121

🇬🇧 37.156.64.4

🇰🇷 34.47.99.143

🇻🇳 14.184.114.93