JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.245.16

216.26.245.16 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.245.16

Whois 216.26.245.16

IP Abuse Reports for 216.26.245.16:

This IP address has been reported a total of 12 times from 6 distinct sources. 216.26.245.16 was first reported on October 16th 2025, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-11 12:30:11 (19 hours ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-03-29 00:21:46 (2 months ago)	Web App Attack	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-17 09:09:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 04:09:18.960897 2026] [security2:error] [pid 2243743:tid 2243743] [client 216.26.245.16:58821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gregdember.com"] [uri "/.env"] [unique_id "aWtRvm51Soz5x1Ql_Sa1EQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:02:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:01:59.730165 2025] [security2:error] [pid 8892:tid 8914] [client 216.26.245.16:45459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "victorchiarizia.com"] [uri "/.env"] [unique_id "aS9h15d6ZOW3hPTal_sqDgAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:37:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:37:20.158930 2025] [security2:error] [pid 13742:tid 13742] [client 216.26.245.16:24841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoveclockrepair.com"] [uri "/.svn/wc.db"] [unique_id "aS8_8AC5VDQF00kiqWvEsAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:58:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:58:47.427481 2025] [security2:error] [pid 17606:tid 17606] [client 216.26.245.16:56749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "williamfitzsimmons.com"] [uri "/.git/HEAD"] [unique_id "aS8256WE1XPTNN2CjNba6QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:05:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:05:17.225678 2025] [security2:error] [pid 1837:tid 1837] [client 216.26.245.16:24307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dreamscometruefilms.com"] [uri "/.env"] [unique_id "aS8cTabOD9F9YcgBhKnfMgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:55:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:55:44.340256 2025] [security2:error] [pid 11019:tid 11019] [client 216.26.245.16:21193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hakanararat.com"] [uri "/.svn/wc.db"] [unique_id "aS5xULhRsvbI6FvoptgK5gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:55:19 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 07:53:35	Port Scan Brute-Force Exploited Host Web App Attack
🇩🇪 Marc	2025-10-29 19:44:15 (7 months ago)		Brute-Force Web App Attack
🇩🇪 bsoft.de	2025-10-16 06:13:45 (7 months ago)	216.26.245.16 - - [16/Oct/2025:08:13:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 ... show more 216.26.245.16 - - [16/Oct/2025:08:13:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (iPad; CPU OS 11_2_6 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) CriOS/64.0.3282.112 Mobile/15D100 Safari/604.1" 216.26.245.16 - - [16/Oct/2025:08:13:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Mobile/11D257" 216.26.245.16 - - [16/Oct/2025:08:13:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts)" show less	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 125.19.183.202

🇺🇸 172.245.16.13

🇦🇺 170.64.167.72

🇩🇪 167.94.145.17

🇨🇳 119.96.81.99

🇺🇸 45.74.252.95

🇺🇸 2a03:2880:24ff:46::

🇺🇸 208.84.100.96

🇺🇸 172.217.107.17

🇺🇸 149.18.169.93

🇺🇸 74.114.29.19

🇺🇸 66.132.195.28

🇮🇳 64.227.146.163

🇬🇧 35.203.210.77

🇺🇸 162.216.149.172

🇺🇸 159.223.184.114

🇺🇸 152.32.207.179

🇺🇸 144.172.99.66

🇨🇳 115.208.55.4

🇮🇩 114.125.30.93