JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.243.254

216.26.243.254 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.243.254

Whois 216.26.243.254

IP Abuse Reports for 216.26.243.254:

This IP address has been reported a total of 25 times from 10 distinct sources. 216.26.243.254 was first reported on October 10th 2025, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-26 02:41:29 (16 hours ago)	(y4) Failed scan -byebye- from 216.26.243.254 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇺🇸 cwytech	2026-06-25 16:21:59 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-login-lockdown-high.	Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-20 02:39:02 (6 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 08:12:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 03:12:19.916138 2025] [security2:error] [pid 2270:tid 2270] [client 216.26.243.254:41673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.cormanleigh.com"] [uri "/.svn/wc.db"] [unique_id "aSgH4_TGnSno4FcAauOm7QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:15:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:15:47.042416 2025] [security2:error] [pid 23556:tid 23556] [client 216.26.243.254:46421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.weroinc.com"] [uri "/.svn/wc.db"] [unique_id "aSduA6fnHT1WAc0W1r9IAAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:39:57 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:39:54.269430 2025] [security2:error] [pid 32264:tid 32264] [client 216.26.243.254:41767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wendywonjungkim.title26.com"] [uri "/.git/HEAD"] [unique_id "aSVPOjiATWNdB9aDsaxJuwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:18:10 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:18:03.929823 2025] [security2:error] [pid 7576:tid 7576] [client 216.26.243.254:18375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.321q.com"] [uri "/.git/HEAD"] [unique_id "aSVKGwF5CaYjfUsVSVV9UwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:51:29 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:51:25.900605 2025] [security2:error] [pid 13523:tid 13523] [client 216.26.243.254:24033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.axiomemail.net"] [uri "/.git/HEAD"] [unique_id "aSVD3WAbcyb468h6cFKJAgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:01:00 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:00:56.142886 2025] [security2:error] [pid 572:tid 572] [client 216.26.243.254:50843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wplusw.com"] [uri "/.svn/wc.db"] [unique_id "aSU4CBo7Kigp8ozYr8hi4QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:37:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:37:31.887797 2025] [security2:error] [pid 2129:tid 2129] [client 216.26.243.254:29667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tandm.us"] [uri "/.git/HEAD"] [unique_id "aSUyi33JmEQPuUGhzfDKIwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:58:42 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:58:37.874420 2025] [security2:error] [pid 11132:tid 11132] [client 216.26.243.254:12977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hangrypandas.com"] [uri "/.env"] [unique_id "aSUpbYhdE5OEIQGhLGdItgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 03:29:42 (7 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇪🇸 loadsoporte	2025-11-25 03:03:19 (7 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 02:10:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:09:58.803689 2025] [security2:error] [pid 4311:tid 4329] [client 216.26.243.254:21835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.steedtimber.com"] [uri "/.git/HEAD"] [unique_id "aSUP9qO7-HhXDlACxWpUzQAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:54:40 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:54:37.055734 2025] [security2:error] [pid 31244:tid 31244] [client 216.26.243.254:14039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mitchellfabrication.mitchellamazing.com"] [uri "/.git/HEAD"] [unique_id "aSUMXWmo9F6fPc7_2EyDVwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇺🇸 147.185.132.195

🇺🇸 23.227.173.175

🇧🇷 205.210.31.196

🇫🇮 147.185.133.157

🇺🇸 147.185.132.219

🇺🇸 147.185.132.53

🇧🇬 78.128.113.22

🇺🇸 74.125.184.148

🇺🇸 54.159.156.156

🇨🇭 20.203.180.35

🇺🇸 216.73.216.251

🇻🇳 113.185.76.187

🇨🇳 106.75.239.166

🇳🇱 45.148.10.157

🇨🇳 42.236.208.92

🇬🇧 193.163.125.73

🇷🇴 193.32.162.82

🇵🇰 160.187.180.146

🇮🇳 152.52.158.42