JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.229.247

216.26.229.247 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.229.247

Whois 216.26.229.247

IP Abuse Reports for 216.26.229.247:

This IP address has been reported a total of 24 times from 13 distinct sources. 216.26.229.247 was first reported on September 30th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-01-30 06:12:02 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇬🇧 Swiptly	2026-01-07 19:41:27 (5 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇩🇪 alive	2026-01-05 16:48:40 (5 months ago)	Confirmed malicious activity observed via T-Pot honeypot Observed 36 events on port 80 (unknown) fro ... show more Confirmed malicious activity observed via T-Pot honeypot Observed 36 events on port 80 (unknown) from 2026-01-05T16:48:40+00:00 to 2026-01-05T16:49:50.839000+00:00. Sample: {"dest_port": 80, "src_port": 46805, "src_ip": "216.26.229.247"} show less	Port Scan
🇨🇳 ThreatBook.io	2026-01-04 23:21:23 (5 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.229.247 2026-01 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.229.247 2026-01-04 15:30:23 /wp-content/ 2026-01-04 15:30:22 /wp-includes/ 2026-01-04 15:30:21 /wp-json/ show less	Web App Attack
🇺🇸 TPI-Abuse	2026-01-01 17:22:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 01 12:22:39.938416 2026] [security2:error] [pid 2347200:tid 2347200] [client 216.26.229.247:34559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "engineeringarts.com"] [uri "/wp-config.php"] [unique_id "aVatX1mlmQ8yNyOBPkzE1QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-01-01 16:09:26 (5 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-12-30 20:39:39 (5 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:37:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:37:02.201114 2025] [security2:error] [pid 32311:tid 32311] [client 216.26.229.247:54313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circle-h-growers.com"] [uri "/.svn/wc.db"] [unique_id "aVIFbq-FODeJ-33ig8ZUTAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 21:20:11 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇧🇪 taivas.nl	2025-12-15 05:32:36 (6 months ago)	Many_bad_calls	Web App Attack
🇧🇪 taivas.nl	2025-12-14 15:02:09 (6 months ago)	Bad_requests	Bad Web Bot
🇺🇸 octageeks.com	2025-11-26 05:09:26 (6 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:08:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:08:28.770223 2025] [security2:error] [pid 31752:tid 31752] [client 216.26.229.247:14537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.robotrodeo.net"] [uri "/.env"] [unique_id "aSQSfLoPPUNWManoM_AK-QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:19:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:18:55.899155 2025] [security2:error] [pid 22898:tid 22898] [client 216.26.229.247:23353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.washburn-books.com"] [uri "/.svn/wc.db"] [unique_id "aSPqv3JxLvlyba9JyC7jbQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:38:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.229.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:48.601772 2025] [security2:error] [pid 30149:tid 30149] [client 216.26.229.247:44219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.belintxon.com"] [uri "/.git/HEAD"] [unique_id "aSPhHGPcYxmG5zrQilF6IgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.29

🇸🇳 154.125.54.55

🇨🇦 142.44.225.96

🇷🇴 141.98.83.240

🇺🇸 103.143.10.140

🇺🇸 65.49.1.52

🇧🇪 35.233.9.49

🇭🇰 220.246.41.171

🇰🇷 211.106.133.202

🇹🇭 202.183.141.133

🇻🇳 202.143.110.221

🇺🇸 191.101.33.115

🇺🇸 185.172.52.161

🇷🇺 176.208.127.113

🇸🇬 114.119.133.251

🇩🇪 47.245.134.150

🇺🇸 35.223.129.116

🇧🇷 20.226.2.115

🇺🇸 216.73.217.116

🇸🇪 185.246.130.20