JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.154

216.26.247.154 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.154

Whois 216.26.247.154

IP Abuse Reports for 216.26.247.154:

This IP address has been reported a total of 23 times from 15 distinct sources. 216.26.247.154 was first reported on October 19th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-26 11:47:06 (2 weeks ago)	[TueMay2613:46:59.6210012026][security2:error][pid1652575:tid1652918][client216.26.247.154:0]ModSecu ... show more [TueMay2613:46:59.6210012026][security2:error][pid1652575:tid1652918][client216.26.247.154:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\"wp-config\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"comarcosa.com\"][uri\"/wp-config.php.old\"][unique_id\"ahWIM0ycgQ3havrfoLr5aQAAAQA\"] show less	Hacking Web App Attack
Anonymous	2026-03-01 05:44:07 (3 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇬🇧 Swiptly	2026-01-14 14:21:25 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-01-12 22:48:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 17:47:55.646150 2026] [security2:error] [pid 14530:tid 14530] [client 216.26.247.154:13431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "birascreekresort.com"] [uri "/.git/HEAD"] [unique_id "aWV6G6bcT5KS4kA6eV50DwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 20:15:40 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇪🇸 Gem	2025-11-28 23:12:28 (6 months ago)	Unauthorized web scan.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:58:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:58:30.971078 2025] [security2:error] [pid 31179:tid 31179] [client 216.26.247.154:24591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grasslakepizzatime.com"] [uri "/.git/HEAD"] [unique_id "aSjJhtv9NUVGpRgIpiM1AwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:52:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:52:14.073498 2025] [security2:error] [pid 22648:tid 22648] [client 216.26.247.154:29727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.polymermembranes.com"] [uri "/.svn/wc.db"] [unique_id "aSbb3lHk3Uk4dijN6_uujQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:15:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:15:47.701670 2025] [security2:error] [pid 8950:tid 8950] [client 216.26.247.154:48673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.everpickon.chevronparkett.com"] [uri "/.svn/wc.db"] [unique_id "aSbFQzBwg-H5sgNdb_nHbwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 aks4226	2025-11-26 08:29:14 (6 months ago)	Bot search, attacking common web applications.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:53:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:53:03.331833 2025] [security2:error] [pid 7673:tid 7673] [client 216.26.247.154:17313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.godarise.kidswow.com"] [uri "/.git/HEAD"] [unique_id "aSZPbxI64fkCmQdoiO1MSgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:33:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:33:36.466130 2025] [security2:error] [pid 18130:tid 18130] [client 216.26.247.154:46963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banisglobalenterprises.banis-associates.com"] [uri "/.env"] [unique_id "aSUVgJJLolug7omswd3-KgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:01:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:01:54.773147 2025] [security2:error] [pid 17023:tid 17086] [client 216.26.247.154:52319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ahrgroup.com"] [uri "/.git/HEAD"] [unique_id "aSTx8r1hG8E8_fObGRhOQAAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Interceptor_HQ	2025-11-24 18:43:48 (6 months ago)	request_uri: /.git/HEAD -- automatic report --	Hacking Brute-Force
🇱🇻 garmtech.com	2025-11-24 16:13:24 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.250.52.75

🇺🇸 216.24.219.188

🇸🇬 193.37.32.179

🇭🇰 118.26.36.195

🇹🇼 111.253.47.33

🇺🇸 66.132.186.246

🇺🇸 198.46.134.48

🇫🇷 151.80.77.244

🇮🇳 123.136.194.18

🇰🇷 122.202.250.160

🇭🇰 103.203.56.2

🇩🇪 47.245.139.22

🇳🇱 45.148.10.240

🇳🇱 45.148.10.141

🇹🇿 41.59.229.33

🇺🇸 17.241.227.48

🇳🇱 213.177.179.152

🇳🇱 204.76.203.219

🇨🇬 197.214.239.35

🇵🇱 194.180.49.217