JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.243.240

216.26.243.240 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.243.240

Whois 216.26.243.240

IP Abuse Reports for 216.26.243.240:

This IP address has been reported a total of 30 times from 14 distinct sources. 216.26.243.240 was first reported on October 11th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 abuse-detection	2026-06-27 22:25:36 (11 hours ago)	Web security detection (http-wordpress-auth-probes); path=/wp-login.php; status=301	Brute-Force Web App Attack
🇬🇧 poundawebsiteltd	2026-06-27 18:54:29 (14 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.243.240 - - [27/Jun/2026:19:54:22 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.243.240 - - [27/Jun/2026:19:54:22 +0100] POST /wp-login.php HTTP/1.1 200 7362 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-26 02:42:10 (2 days ago)	(y4) Failed scan -byebye- from 216.26.243.240 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇫🇷 Sklurk	2026-06-23 04:18:59 (5 days ago)	Web App Attack	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-26 10:34:30 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇱🇻 garmtech.com	2026-01-17 11:46:59 (5 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-01-12 09:34:04 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-34.216.26.243.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 11-34.216.26.243.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 ipblock.com	2026-01-11 17:32:00 (5 months ago)	IPBlock protected site ID [4055-d][s=01]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:02:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:02:34.807437 2025] [security2:error] [pid 13576:tid 13576] [client 216.26.243.240:53009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rktect.com"] [uri "/.svn/wc.db"] [unique_id "aS9F2rYFSn1TVvDMTVHKMAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:11:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:11:39.006938 2025] [security2:error] [pid 793:tid 793] [client 216.26.243.240:45057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sealcoatnj.com"] [uri "/.env"] [unique_id "aS8564zwOduJwnY9EuGXfAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:38:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:38:04.405137 2025] [security2:error] [pid 23472:tid 23472] [client 216.26.243.240:50189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wryemusings.com"] [uri "/.git/HEAD"] [unique_id "aS8yDA-JZx07WBl9-UBGYgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:42:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:42:25.123145 2025] [security2:error] [pid 3199:tid 3199] [client 216.26.243.240:47451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gdijoe.com"] [uri "/.git/HEAD"] [unique_id "aS7CkVM1bKWYAn5x5eOniQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:06:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:06:43.863328 2025] [security2:error] [pid 18932:tid 18932] [client 216.26.243.240:25805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmcnow.com"] [uri "/.svn/wc.db"] [unique_id "aS6eE_N_rKiWeKaZQczR2gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:01:28 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:01:24.450885 2025] [security2:error] [pid 15698:tid 15698] [client 216.26.243.240:25051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrsn.com"] [uri "/.svn/wc.db"] [unique_id "aSZthBV6DU4Ohv_ZyieM8QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 172.236.8.193

🇷🇺 154.83.196.237

🇳🇱 91.92.42.212

🇸🇬 20.24.9.187

🇨🇳 221.1.141.86

🇰🇷 210.118.224.138

🇺🇿 194.107.115.199

🇬🇧 193.163.125.169

🇨🇳 180.153.236.10

🇵🇰 123.253.95.255

🇪🇸 83.37.244.84

🇺🇸 68.225.185.11

🇺🇸 64.23.214.73

🇨🇳 47.103.48.50

🇺🇸 45.148.234.184

🇨🇳 42.248.182.233

🇲🇽 38.56.248.74

🇮🇶 37.239.161.10

🇮🇳 20.193.146.159

🇦🇿 5.134.53.50