JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.245.213

216.26.245.213 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 45%: ?

45%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.245.213

Whois 216.26.245.213

IP Abuse Reports for 216.26.245.213:

This IP address has been reported a total of 20 times from 12 distinct sources. 216.26.245.213 was first reported on October 27th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-26 23:55:48 (4 hours ago)	216.26.245.213 - - [27/Jun/2026:01:55:48 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.245.213 - - [27/Jun/2026:01:55:48 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇧🇪 brechtr	2026-06-25 06:41:28 (1 day ago)	[Press84-BanHammer] bad username — Sourced from: brechtryckaert.com — Request: POST /wp-login.php	Brute-Force
🇺🇸 cwytech	2026-06-22 19:20:46 (4 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-21 13:12:03 (5 days ago)	Wordfence waf block on pameganslaw	Web App Attack
🇩🇪 FeG Deutschland	2026-06-19 00:41:26 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇫🇷 pm33	2026-06-16 17:38:12 (1 week ago)	Wordpress login attempts	Brute-Force
🇫🇷 tecnicorioja	2026-06-13 22:01:33 (1 week ago)	wp-login attack [13/Jun/2026:03:25:59	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-10 14:23:13 (2 weeks ago)	216.26.245.213 - - [10/Jun/2026:16:23:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.245.213 - - [10/Jun/2026:16:23:13 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇲🇽 octageeks.com	2026-06-10 04:57:19 (2 weeks ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:50 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 06:20:53 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:20:36.491144 2025] [security2:error] [pid 12437:tid 12437] [client 216.26.245.213:37483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.dosrios.com.mx"] [uri "/.svn/wc.db"] [unique_id "aSVKtBmaRZo7SfSM3GkobQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:45:29 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:45:20.139299 2025] [security2:error] [pid 12478:tid 12478] [client 216.26.245.213:30019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.urbanrepairs.michaelward.com"] [uri "/.env"] [unique_id "aSU0YMK57VrXVGzDjsxPigAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:23:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:23:30.977308 2025] [security2:error] [pid 22057:tid 22057] [client 216.26.245.213:43437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.desertautoworks.com"] [uri "/.git/HEAD"] [unique_id "aSUvQmKhCWQz88FFK7YRrwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:48:22 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.245.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:48:17.042906 2025] [security2:error] [pid 7326:tid 7519] [client 216.26.245.213:60231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mecconsultant.com"] [uri "/.git/HEAD"] [unique_id "aST80dNUaJ5dFUuoaTxnewAAAMU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.36.113

🇸🇬 185.200.116.86

🇺🇸 162.216.150.94

🇹🇭 159.192.133.140

🇺🇿 144.124.192.42

🇨🇦 138.197.138.246

🇨🇦 85.217.149.57

🇫🇷 82.64.38.234

🇰🇷 59.21.37.60

🇳🇱 45.156.128.127

🇯🇵 2620:171:a4:f001:9999::242

🇺🇸 216.25.89.106

🇸🇾 205.209.67.3

🇬🇧 195.206.182.195

🇺🇿 195.158.16.60

🇬🇧 188.240.59.54

🇺🇸 173.194.97.24

🇺🇸 172.245.102.3

🇺🇿 144.124.192.36

🇫🇮 85.192.31.14