JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.246.119

216.26.246.119 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.246.119

Whois 216.26.246.119

IP Abuse Reports for 216.26.246.119:

This IP address has been reported a total of 18 times from 13 distinct sources. 216.26.246.119 was first reported on October 29th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nationaleventpros.com	2026-06-11 20:35:47 (2 hours ago)	WordPress login attempt	Brute-Force
🇫🇷 ELYAZ	2026-06-11 13:41:47 (9 hours ago)	(y4) Failed scan -byebye- from 216.26.246.119 (DE/Germany/-): (CF_ENABLE)	Hacking
🇩🇪 tvipper.com	2026-06-10 23:58:16 (22 hours ago)	Auto reported by IDS	Hacking
🇲🇹 Malta	2026-06-10 11:23:01 (1 day ago)	216.26.246.119 - - [10/Jun/2026:13:23:01 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.246.119 - - [10/Jun/2026:13:23:01 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 TPI-Abuse	2025-12-09 06:45:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 01:45:34.682162 2025] [security2:error] [pid 15315:tid 15315] [client 216.26.246.119:34951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jessie-wu.com"] [uri "/.git/HEAD"] [unique_id "aTfFjiQoMk6AMtstdm-I7gAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:25:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:25:49.076488 2025] [security2:error] [pid 11989:tid 11989] [client 216.26.246.119:46785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardath.net"] [uri "/.env"] [unique_id "aTQSvQKWF9hdauuV-YGk9QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-12-06 01:55:07 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.246.119 (DE/Germany/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.246.119 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:09:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:09:48.725021 2025] [security2:error] [pid 9734:tid 9734] [client 216.26.246.119:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hondabvi.com"] [uri "/.env"] [unique_id "aTLZnCzwBP0svLyo8gNyTAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:47:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:47:08.485134 2025] [security2:error] [pid 11401:tid 11401] [client 216.26.246.119:52123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xpengineering.com"] [uri "/.git/HEAD"] [unique_id "aTJx3L1jg_Ap4ymgNj0VOgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:40:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:39:49.777204 2025] [security2:error] [pid 13566:tid 13566] [client 216.26.246.119:50281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banjogram.com"] [uri "/.git/HEAD"] [unique_id "aTIp1bCMmHVZg9hhaJ6XCQAAADs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:12:19 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.26.246.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:12:13.557833 2025] [security2:error] [pid 17023:tid 17082] [client 216.26.246.119:32061] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|unitedonegroup.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "unitedonegroup.com"] [uri "/one.sql"] [unique_id "aSUejb1hG8E8_fObGRh6lAAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 18:55:31 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/21 12:53:06	Port Scan Brute-Force Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2025-11-21 07:43:22 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-07 20:10:48 (7 months ago)		Bad Web Bot Web App Attack
🇺🇸 Rip	2025-11-02 18:37:44 (7 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.249

🇨🇳 117.177.102.79

🇳🇱 102.129.200.117

🇺🇸 62.72.49.38

🇸🇬 47.79.15.110

🇺🇸 38.95.14.214

🇬🇧 35.203.211.178

🇹🇭 27.254.144.47

🇷🇴 193.46.255.86

🇮🇳 122.186.174.35

🇳🇱 104.23.166.42

🇮🇩 103.154.231.122

🇭🇰 103.56.115.187

🇭🇰 47.243.222.203

🇨🇳 203.76.241.18

🇨🇦 158.69.200.14

🇩🇪 109.207.132.24

🇺🇸 65.111.6.49

🇨🇳 58.216.8.95

🇨🇳 36.133.208.182