JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.103

216.26.247.103 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.103

Whois 216.26.247.103

IP Abuse Reports for 216.26.247.103:

This IP address has been reported a total of 12 times from 7 distinct sources. 216.26.247.103 was first reported on November 2nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 etu brutus	2026-06-22 17:21:42 (1 day ago)	216.26.247.103 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇫🇷 ELYAZ	2026-06-20 06:00:09 (3 days ago)	(y4) Failed scan -byebye- from 216.26.247.103 (ES/Spain/-): (CF_ENABLE)	Hacking
🇳🇿 billyborsht	2026-05-15 23:06:23 (1 month ago)	2026-05-16T11:06:21.791540+12:00 southern wordpress(poetryinhell.org)[903906]: Authentication attemp ... show more 2026-05-16T11:06:21.791540+12:00 southern wordpress(poetryinhell.org)[903906]: Authentication attempt for unknown user [email protected] from 216.26.247.103 ... show less	Hacking Web App Attack
🇨🇳 ThreatBook.io	2026-04-23 22:04:11 (2 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.247.103 2026-04 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.247.103 2026-04-23 06:32:43 /183.230.130.173.tar.gz 2026-04-23 06:32:50 /r57eng.php 2026-04-23 06:32:47 /users.mdb 2026-04-23 06:32:48 /dump.tar 2026-04-23 06:32:51 /Read_Me.txt 2026-04-23 06:32:45 /api/v2.0/swagger.json 2026-04-23 06:32:46 /183.230.130.173-backup.tar.gz 2026-04-23 06:32:50 /admin-console 2026-04-23 06:32:52 /admin/database.tar 2026-04-23 06:32:46 /api/v1/openapi.json show less	Web App Attack
🇺🇸 fortypoundhead	2026-01-15 15:13:34 (5 months ago)	SQL Injection Attempt	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:12:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:12:22.462673 2025] [security2:error] [pid 3165:tid 3165] [client 216.26.247.103:43311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.partybussantafe.com"] [uri "/.svn/wc.db"] [unique_id "aSQhdk5hM8PldqrvXJXRvQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:13.698611 2025] [security2:error] [pid 3463310:tid 3463310] [client 216.26.247.103:11361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arroceraomoa.com"] [uri "/.git/HEAD"] [unique_id "aSQHLXMLk05tPvRbqy5FdwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:23:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:23:36.143406 2025] [security2:error] [pid 24042:tid 24042] [client 216.26.247.103:22931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ryszardwycisk.com"] [uri "/.env"] [unique_id "aSPr2PGV_oO6Kdct3MQ6rAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:30:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:30:10.929062 2025] [security2:error] [pid 20502:tid 20502] [client 216.26.247.103:36421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.brinkworthmodels.com"] [uri "/.git/HEAD"] [unique_id "aSPfUrmFsxUMceshhRYAUAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:26.836596 2025] [security2:error] [pid 3965259:tid 3965328] [client 216.26.247.103:33431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.famousafricanamericanartist.com"] [uri "/.svn/wc.db"] [unique_id "aSPa7sHsvdKIeQe-cM_0MwAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 17:51:44 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/13 11:51:15	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-02 21:08:28 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:37:51	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 64.89.163.137

🇱🇹 62.60.130.219

🇺🇸 20.127.202.128

🇵🇭 206.62.40.85

🇧🇷 205.164.235.187

🇦🇺 203.194.5.183

🇧🇷 201.216.81.65

🇷🇴 193.46.255.86

🇸🇬 193.37.32.228

🇮🇹 188.219.104.210

🇸🇬 172.253.211.93

🇺🇸 138.68.41.12

🇨🇦 85.217.149.42

🇨🇳 60.188.205.24

🇦🇷 45.238.106.189

🇮🇳 42.107.239.203

🇹🇷 213.142.151.136

🇬🇧 198.244.240.137

🇺🇸 193.19.109.217

🇻🇳 103.199.16.90