JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.243.243

216.26.243.243 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.243.243

Whois 216.26.243.243

IP Abuse Reports for 216.26.243.243:

This IP address has been reported a total of 39 times from 15 distinct sources. 216.26.243.243 was first reported on October 5th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-15 22:14:28 (2 days ago)	(y4) Failed scan -byebye- from 216.26.243.243 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇦🇺 aglenday	2026-05-14 08:48:04 (1 month ago)	Honeypot hit: MSSQL traffic (on 1433) without login credentials	Port Scan
🇩🇪 Lino Project	2026-04-23 13:42:31 (1 month ago)	216.26.243.243 - - [23/Apr/2026:15:42:28 +0200] "POST /xmlrpc.php HTTP/2.0" 403 455 "-" "Mozilla/5.0 ... show more 216.26.243.243 - - [23/Apr/2026:15:42:28 +0200] "POST /xmlrpc.php HTTP/2.0" 403 455 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-04-21 10:35:51 (1 month ago)	[TueApr2112:35:46.3669172026][security2:error][pid3025242:tid3025340][client216.26.243.243:0]ModSecu ... show more [TueApr2112:35:46.3669172026][security2:error][pid3025242:tid3025340][client216.26.243.243:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"farmaciaferrari.ch\"][uri\"/dump.sql\"][unique_id\"aedTAkodPrcZ1V_bs78mcwAAANQ\"] show less	Port Scan Brute-Force Web App Attack
🇨🇭 TheCoon	2026-04-21 03:30:01 (1 month ago)	Automated: Gzip bomb download attempt	Web App Attack Hacking
🇺🇸 WizardsToolkit	2026-04-18 14:06:23 (1 month ago)	attempted to access /mysql.sql	Web App Attack
🇦🇺 MAGIC	2025-12-07 00:08:02 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇪 madeit	2025-11-30 04:33:50 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 05:26:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 00:26:51.977307 2025] [security2:error] [pid 27197:tid 27197] [client 216.26.243.243:39209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.zodiacwin.com"] [uri "/.git/HEAD"] [unique_id "aSfhG4cHe0H6bSXLx-FPEwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 16:36:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 11:36:51.526254 2025] [security2:error] [pid 18922:tid 18922] [client 216.26.243.243:11399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.maffiniandbearce.com"] [uri "/.git/HEAD"] [unique_id "aScso9eVLe5Iz1NrJk-anAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:38:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:37:56.975729 2025] [security2:error] [pid 3740:tid 3740] [client 216.26.243.243:29467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thereisaplaceonearth.com"] [uri "/.env"] [unique_id "aSa8ZJex-fSeZ4m1sxJ-FQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:18:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:18:01.743824 2025] [security2:error] [pid 15610:tid 15610] [client 216.26.243.243:53309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gegkal.com"] [uri "/.svn/wc.db"] [unique_id "aSZjWak8hJ3yYyDnbT6aGgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 kumiko	2025-11-25 20:09:08 (6 months ago)	[2025-11-25 22:09:07] Probing for dotfiles "GET /.svn/wc.db HTTP/1.1" 301	Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 19:00:52 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 07:00:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:00:25.112517 2025] [security2:error] [pid 31098:tid 31145] [client 216.26.243.243:23149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.credit-protector.com"] [uri "/.git/HEAD"] [unique_id "aSVUCdvxIO4YhEJVbH77IgAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.187

🇮🇹 82.51.158.253

🇺🇸 65.49.1.206

🇮🇹 46.16.91.106

🇬🇧 35.203.210.198

🇳🇱 176.65.148.84

🇺🇸 172.70.176.138

🇸🇬 118.194.233.253

🇸🇬 84.247.150.156

🇺🇸 65.49.1.238

🇬🇧 45.198.224.46

🇩🇪 45.135.194.83

🇸🇬 43.134.96.24

🇨🇳 221.228.203.3

🇨🇳 180.76.184.79

🇩🇪 176.9.16.227

🇻🇳 171.224.179.207

🇺🇸 165.154.163.10

🇳🇱 141.98.242.169

🇮🇪 130.195.213.165