JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.223

216.26.247.223 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 46%: ?

46%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.223

Whois 216.26.247.223

IP Abuse Reports for 216.26.247.223:

This IP address has been reported a total of 13 times from 10 distinct sources. 216.26.247.223 was first reported on October 19th 2025, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:59:15 (22 hours ago)	Web App Attack	Web App Attack
🇺🇸 etu brutus	2026-06-22 17:19:33 (1 day ago)	216.26.247.223 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇺🇸 cwytech	2026-06-21 03:43:59 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇮🇩 zam	2026-06-20 21:09:40 (3 days ago)	216.26.247.223 - - [20/Jun/2026:21:09:23 +0000] "POST /wp-login.php HTTP/1.1" 404 81174	Web App Attack
🇫🇷 Sklurk	2026-06-20 05:18:07 (3 days ago)	Web App Attack	Web App Attack
🇫🇷 ELYAZ	2026-06-18 20:25:22 (5 days ago)	(y4) Failed scan -byebye- from 216.26.247.223 (ES/Spain/-): (CF_ENABLE)	Hacking
🇺🇸 lostswordfish.com	2026-06-18 18:54:03 (5 days ago)	Wordfence waf block on fypeducation	Web App Attack
🇺🇸 bpolson	2026-06-15 17:10:05 (1 week ago)	WordPress Hacking/Scanning. (s1)	Hacking Web App Attack
Anonymous	2025-12-06 05:13:23 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 22:07:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:07:04.236078 2025] [security2:error] [pid 31013:tid 31013] [client 216.26.247.223:60837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "harwoodmechanical.com"] [uri "/.git/HEAD"] [unique_id "aSjLiPFv2tXSHWzQa_fJ8wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:35:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:35:13.670027 2025] [security2:error] [pid 9413:tid 9413] [client 216.26.247.223:35941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.adj-tech.net"] [uri "/.env"] [unique_id "aSVOIQw-Ht42eMMve2DBlgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:01:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:01:01.237989 2025] [security2:error] [pid 1080:tid 1080] [client 216.26.247.223:24895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dcmillerjr.com"] [uri "/.git/HEAD"] [unique_id "aSUb7V7jLNYJ3JdyMoFwFQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 neo72	2025-10-19 05:17:57 (8 months ago)	Wordpress Attack	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.26

🇭🇰 199.45.154.181

🇬🇧 193.8.186.31

🇨🇳 180.102.110.161

🇻🇳 116.110.214.50

🇫🇷 91.231.89.206

🇬🇧 81.19.219.216

🇧🇷 45.164.251.106

🇳🇱 45.148.10.157

🇧🇪 34.38.192.51

🇨🇳 27.150.188.148

🇫🇷 5.39.101.60

🇺🇸 2607:f8b0:4001:c1c::123

🇵🇰 223.123.73.221

🇺🇸 205.210.31.54

🇹🇭 182.52.109.76

🇧🇷 177.8.133.187

🇧🇷 177.8.132.86

🇺🇸 162.216.150.51

🇩🇪 87.120.211.234