JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.207

216.26.247.207 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 40%: ?

40%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.207

Whois 216.26.247.207

IP Abuse Reports for 216.26.247.207:

This IP address has been reported a total of 19 times from 13 distinct sources. 216.26.247.207 was first reported on December 26th 2025, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-25 05:49:05 (18 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-06-23 22:41:49 (2 days ago)	(y4) Failed scan -byebye- from 216.26.247.207 (ES/Spain/-): (CF_ENABLE)	Hacking
🇫🇷 Sklurk	2026-06-23 03:44:18 (2 days ago)	Web App Attack	Web App Attack
🇺🇸 lostswordfish.com	2026-06-18 18:54:03 (1 week ago)	Wordfence waf block on fypeducation	Web App Attack
🇫🇷 pm33	2026-06-17 04:12:50 (1 week ago)	Wordpress login attempts	Brute-Force
🇲🇹 Malta	2026-06-15 15:24:25 (1 week ago)	216.26.247.207 - - [15/Jun/2026:17:24:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 216.26.247.207 - - [15/Jun/2026:17:24:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-06-11 06:56:17 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 4server	2026-04-21 14:57:40 (2 months ago)	[TueApr2116:57:36.1749792026][security2:error][pid3025358:tid3025370][client216.26.247.207:0]ModSecu ... show more [TueApr2116:57:36.1749792026][security2:error][pid3025358:tid3025370][client216.26.247.207:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"bno.ch\"][uri\"/db.sql\"][unique_id\"aeeQYBhJ3UcICK2T19yZfAAAAQk\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-04-18 22:45:18 (2 months ago)	"GET http://<domain>.com/backup.sql HTTP/1.1"	Hacking Web App Attack
🇺🇸 oncord	2026-04-13 02:49:08 (2 months ago)	Form spam	Web Spam
Anonymous	2026-01-05 20:14:50 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-01-02 18:39:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 13:39:17.375615 2026] [security2:error] [pid 21145:tid 21145] [client 216.26.247.207:21197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.skintormint.com"] [uri "/.git/HEAD"] [unique_id "aVgQ1dRUeXnjrfghvRsEGgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-29 03:50:06 (5 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 01:30:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 20:30:27.490683 2025] [security2:error] [pid 32740:tid 32740] [client 216.26.247.207:36649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dennisconnellyphotography.com"] [uri "/.git/HEAD"] [unique_id "aVHZszeqsG-JwThbpjo4NwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 19:54:26 (5 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.190.113

🇧🇪 198.235.24.253

🇩🇪 185.201.136.55

🇺🇸 174.49.156.76

🇬🇧 35.203.210.86

🇺🇸 35.169.206.177

🇺🇸 209.6.179.81

🇪🇸 185.121.15.184

🇳🇬 102.88.137.213

🇺🇸 69.49.112.62

🇺🇸 52.224.242.102

🇸🇦 51.36.51.99

🇧🇷 45.235.180.155

🇧🇷 45.184.216.81

🇬🇧 35.203.210.136

🇺🇸 20.65.194.66

🇸🇬 8.222.230.46

🇺🇸 205.210.31.73

🇹🇼 198.235.24.52

🇦🇷 190.196.253.76