JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.124

216.26.247.124 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.124

Whois 216.26.247.124

IP Abuse Reports for 216.26.247.124:

This IP address has been reported a total of 14 times from 11 distinct sources. 216.26.247.124 was first reported on October 13th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-15 16:42:02 (2 days ago)	(y4) Failed scan -byebye- from 216.26.247.124 (ES/Spain/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-15 15:25:14 (2 days ago)	216.26.247.124 - - [15/Jun/2026:17:25:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.247.124 - - [15/Jun/2026:17:25:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" show less	Hacking Web App Attack
🇲🇽 octageeks.com	2026-06-15 04:15:14 (2 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 myagent.site	2025-12-30 06:36:10 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 TPI-Abuse	2025-12-29 09:23:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:23:18.930573 2025] [security2:error] [pid 14049:tid 14049] [client 216.26.247.124:44133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dipseanet.com"] [uri "/.svn/wc.db"] [unique_id "aVJIhtAlt1s9P6t6AcWblwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2025-12-29 09:05:31 (5 months ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:54:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:53:54.058959 2025] [security2:error] [pid 3716:tid 3716] [client 216.26.247.124:35153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wsspy.com"] [uri "/.env"] [unique_id "aVIlgoFkZMoPfYoseGWJJQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:42:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:42:02.598708 2025] [security2:error] [pid 13034:tid 13034] [client 216.26.247.124:41781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newcitypark.com"] [uri "/.git/HEAD"] [unique_id "aVIUqrx2Eqo04JGPQ3dZEgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:06:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:06:00.776183 2025] [security2:error] [pid 6209:tid 6209] [client 216.26.247.124:28995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menagri.com"] [uri "/.svn/wc.db"] [unique_id "aVH-KMscMrt1v4CP_S4C7AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:52:10 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 09:50:32	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-01 19:09:09 (7 months ago)	[redacted] 216.26.247.124 - - [01/Nov/2025:20:08:57 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" " ... show more [redacted] 216.26.247.124 - - [01/Nov/2025:20:08:57 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A405 Safari/600.1.4" [redacted] 216.26.247.124 - - [01/Nov/2025:20:08:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3_1 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) GSA/49.0.195456936 Mobile/15E302 Safari/604.1" [redacted] 216.26.247.124 - - [01/Nov/2025:20:08:59 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36" [redacted] 216.26.247.124 - - [01/Nov/2025:20:09:00 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/601.5.17 (KHTML, like Gecko) Version/9.1 Safari/601.5.17" joerg-shimon-schuldhess. ... show less	Hacking Web App Attack
🇫🇷 applemooz	2025-11-01 11:06:09 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-30 13:55:01 (7 months ago)	WordPress Brute Force	Brute-Force
🇺🇸 nowyouknow	2025-10-13 18:15:45 (8 months ago)	(From [email protected]) Hey there, We have an exclusive opportunity for your website bu ... show more (From [email protected]) Hey there, We have an exclusive opportunity for your website burnschiropractic.com : https://www.youtube.com/watch?v=GY1x2NWs9EA?burnschiropractic.com Fed up with subscribing to dozens of AI tools? With EveryAI you can use an all-in-one board that provides many intelligent systems with lifetime access. Build websites, craft copy, develop marks, generate cinematic videos, speaking figures… and keep 100% of your income under a commercial license. Looking to boost profit, simplify tasks, and stay in full control? It kicks off here. Preview now: https://www.youtube.com/watch?v=GY1x2NWs9EA?burnschiropractic.com show less	Phishing Web Spam

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 121.202.135.172

🇮🇩 103.191.14.243

🇷🇺 84.53.238.67

🇺🇸 52.22.87.224

🇳🇱 45.148.10.157

🇨🇳 222.244.170.206

🇺🇸 208.84.100.96

🇹🇼 198.235.24.99

🇨🇳 182.123.229.94

🇺🇸 147.185.132.24

🇻🇳 113.177.27.200

🇮🇩 103.168.125.6

🇳🇱 91.92.40.19

🇺🇸 47.251.24.77

🇹🇷 31.145.131.202

🇹🇼 1.168.78.170

🇷🇸 198.143.181.79

🇳🇬 165.154.176.251

🇭🇰 152.32.212.226

🇨🇳 112.36.30.223