JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.242.246

216.26.242.246 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.242.246

Whois 216.26.242.246

IP Abuse Reports for 216.26.242.246:

This IP address has been reported a total of 18 times from 12 distinct sources. 216.26.242.246 was first reported on October 28th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-16 18:10:43 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-05-11 05:14:26 (3 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 mnsf	2026-02-15 06:06:13 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-15 01:51:04 (3 months ago)	Blocking for trying to access an exploit file: /.env.save	Hacking
🇨🇭 Origon	2026-02-15 01:36:14 (3 months ago)	http-sensitive-files - IP: 216.26.242.246 - time="2026-02-15T02:36:12+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 216.26.242.246 - time="2026-02-15T02:36:12+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 216.26.242.246 (BR/200373) : 4h ban on Ip 216.26.242.246" module=db show less	Web App Attack
🇫🇷 dynamix	2026-02-15 01:28:26 (3 months ago)	Multiple WAF Violations	Web App Attack
🇫🇮 kumiko	2026-02-15 00:56:28 (3 months ago)	[2026-02-15 02:56:28] Probing for dotfiles "GET /new/.git/config HTTP/1.1" 301	Bad Web Bot Web App Attack
🇫🇮 oh.mg	2026-02-14 21:51:13 (3 months ago)	[Sat Feb 14 22:51:12.669181 2026] [security2:error] [pid 865574:tid 865586] [client 216.26.242.246:3 ... show more [Sat Feb 14 22:51:12.669181 2026] [security2:error] [pid 865574:tid 865586] [client 216.26.242.246:34753] [client 216.26.242.246] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmnto.org"] [uri "/.env"] [unique_id "aZDuUK2UyXSKG7aG8WkgCQAAAIo"] [Sat Feb 14 22:51:12.873559 2026] [security2:error] [pid 865574:tid 865593] [client 216.26.242.246:34753] [client 216.26.242.246] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anom ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 12:27:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 07:27:04.267497 2026] [security2:error] [pid 17099:tid 17099] [client 216.26.242.246:47069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/.git/HEAD"] [unique_id "aWjdGP234nKeICopSSGgsAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:03:31 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇫🇮 Shaik Sai Meera	2025-11-25 06:40:09 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 03:27:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:27:01.044021 2025] [security2:error] [pid 24338:tid 24338] [client 216.26.242.246:37087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thereddoorlounge.com"] [uri "/.svn/wc.db"] [unique_id "aSUiBZ47HdjQluUOyQ46KwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:36:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:36:18.942344 2025] [security2:error] [pid 7326:tid 7520] [client 216.26.242.246:31965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.condobudget.com"] [uri "/.git/HEAD"] [unique_id "aSUIEtNUaJ5dFUuoaTx1vwAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:09:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:09:32.414893 2025] [security2:error] [pid 16566:tid 16566] [client 216.26.242.246:51115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.maeghanan.com"] [uri "/.svn/wc.db"] [unique_id "aSUBzHXJRimNnHo1vFS_HAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:50:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.242.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:50:27.047527 2025] [security2:error] [pid 740:tid 740] [client 216.26.242.246:13341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hydrogenplus.rejuvenationsystems.com"] [uri "/.git/HEAD"] [unique_id "aSQcU1Bshb34GBqZZxwjzwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 219.248.4.146

🇬🇧 217.146.80.99

🇩🇪 185.91.127.85

🇧🇴 181.188.148.74

🇺🇸 147.185.132.195

🇺🇸 147.185.132.15

🇺🇸 135.237.122.43

🇨🇳 115.191.64.182

🇦🇪 95.182.89.109

🇰🇬 92.245.115.39

🇺🇸 74.114.29.215

🇺🇸 52.144.111.6

🇱🇹 45.227.254.170

🇨🇦 38.49.217.60

🇬🇧 31.14.254.78

🇺🇸 20.163.15.131

🇭🇰 2404:6800:4005:c03::128

🇰🇷 211.251.201.47

🇩🇪 194.187.176.240

🇨🇱 186.106.34.138