JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.244.172

216.26.244.172 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.244.172

Whois 216.26.244.172

IP Abuse Reports for 216.26.244.172:

This IP address has been reported a total of 15 times from 5 distinct sources. 216.26.244.172 was first reported on October 1st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-05-22 12:45:03 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:20:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:20:41.964395 2025] [security2:error] [pid 28008:tid 28008] [client 216.26.244.172:34211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.missingfilm.com"] [uri "/.svn/wc.db"] [unique_id "aSdvKeD40QEs-6C_stfkwAAAAD0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 20:59:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 15:59:31.660007 2025] [security2:error] [pid 24753:tid 24753] [client 216.26.244.172:10487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gdrankin.com"] [uri "/.env"] [unique_id "aSdqMxVPye3WIETrvLTQeQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 17:12:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 12:12:42.368064 2025] [security2:error] [pid 2266:tid 2266] [client 216.26.244.172:53761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rphenry.com"] [uri "/.svn/wc.db"] [unique_id "aSc1CoLdK35W8MOThttIawAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:38:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:38:40.437307 2025] [security2:error] [pid 20736:tid 20736] [client 216.26.244.172:15079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kv-10.com"] [uri "/.env"] [unique_id "aSVO8N0dyOigOtISkFY4WQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:52:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:52:28.786956 2025] [security2:error] [pid 17076:tid 17076] [client 216.26.244.172:18195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.soonerstone.com"] [uri "/.svn/wc.db"] [unique_id "aSVEHKnfx6sLeWKAbvd7OgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:16:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:16:03.660405 2025] [security2:error] [pid 19919:tid 19919] [client 216.26.244.172:53291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.globalsecurity360.com"] [uri "/.git/HEAD"] [unique_id "aSU7k5HABRbs046SQ0aQugAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:59:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:59:48.624425 2025] [security2:error] [pid 13735:tid 13735] [client 216.26.244.172:29979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gemconsulting.world"] [uri "/.env"] [unique_id "aSU3xIVYV4V9jzsXXXe6EwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:06:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:06:15.134173 2025] [security2:error] [pid 13756:tid 13849] [client 216.26.244.172:10569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.aiegroup.com"] [uri "/.env"] [unique_id "aSUrNy2vRx1ksuNuFaHAZgAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:44:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:44:12.083414 2025] [security2:error] [pid 32700:tid 32705] [client 216.26.244.172:15161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.xavidominguez.com"] [uri "/.env"] [unique_id "aSUmDLcrjRrp2J9TXtylEgAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:09:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:08:56.515947 2025] [security2:error] [pid 20187:tid 20187] [client 216.26.244.172:51591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alessiosilvestrin.com"] [uri "/.env"] [unique_id "aSUPuB85N4MghYDjcwGPyAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:46:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:46:10.661483 2025] [security2:error] [pid 27278:tid 27278] [client 216.26.244.172:15301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.cureforcancerbook.com"] [uri "/.git/HEAD"] [unique_id "aST8UjueLfHFmhQlnUy8GAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 00:40:08 (6 months ago)	suspicious request in access.log	Web App Attack
Anonymous	2025-10-04 21:49:34 (8 months ago)	wordpress-trap	Web App Attack
🇮🇹 Rosh	2025-10-01 12:47:00 (8 months ago)	[10/01/25 14:46:59] SSH: authentication failure	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 217.14.62.17

🇩🇪 213.209.159.238

🇺🇸 209.85.222.182

🇺🇸 198.2.184.69

🇬🇧 178.253.31.121

🇺🇸 172.191.178.243

🇩🇪 46.249.99.46

🇷🇺 195.242.83.27

🇺🇸 185.180.141.49

🇹🇭 184.22.144.144

🇮🇩 182.2.190.67

🇺🇸 165.22.176.30

🇩🇪 141.11.187.21

🇨🇳 117.81.212.152

🇵🇰 111.68.98.152

🇻🇳 103.138.113.149

🇱🇹 81.30.98.144

🇹🇼 36.224.251.223

🇸🇪 5.34.247.210

🇷🇺 217.14.62.196