JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.47

216.26.247.47 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 28%: ?

28%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.47

Whois 216.26.247.47

IP Abuse Reports for 216.26.247.47:

This IP address has been reported a total of 14 times from 10 distinct sources. 216.26.247.47 was first reported on October 15th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-02 16:56:16 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2026-05-28 15:05:13 (1 week ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇩🇪 F242	2026-05-28 02:40:24 (1 week ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇲🇹 Malta	2026-05-26 01:43:02 (1 week ago)	216.26.247.47 - - [26/May/2026:03:43:02 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 216.26.247.47 - - [26/May/2026:03:43:02 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 mnsf	2026-05-25 10:05:34 (1 week ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇺🇸 TRoden	2026-03-06 12:27:02 (2 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
Anonymous	2026-01-05 20:23:56 (4 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:01 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-27 21:53:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:52:58.896424 2025] [security2:error] [pid 26625:tid 26625] [client 216.26.247.47:20753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gilgoinn.com"] [uri "/.git/HEAD"] [unique_id "aSjIOkuEqNlG795sUh2olAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 20:53:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:53:48.902778 2025] [security2:error] [pid 32252:tid 32252] [client 216.26.247.47:32231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkalleyproductions.com"] [uri "/.git/HEAD"] [unique_id "aSi6XEUku5PNgMMA5FscMgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 22:07:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 17:07:10.516105 2025] [security2:error] [pid 8995:tid 8995] [client 216.26.247.47:34883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.twccsolutions.com"] [uri "/.env"] [unique_id "aSd6DikRJvjWN5_hkAQ87AAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 20:52:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 15:52:04.507757 2025] [security2:error] [pid 17664:tid 17664] [client 216.26.247.47:43633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thestardance.com"] [uri "/.env"] [unique_id "aSdodL0VHVXaCCuIXcLMZQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2025-10-19 11:27:19 (7 months ago)	Connection atttempts against closed TCP ports Oct 19 13:27:08 BLOCK SRC=216.26.247.47 LEN=60 TOS=0x0 ... show more Connection atttempts against closed TCP ports Oct 19 13:27:08 BLOCK SRC=216.26.247.47 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=38615 DF PROTO=TCP SPT=21579 DPT=22 WINDOW=64240 RES=0x00 SYN Oct 19 13:27:09 BLOCK SRC=216.26.247.47 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=38616 DF PROTO=TCP SPT=21579 DPT=22 WINDOW=64240 RES=0x00 SYN Oct 19 13:27:18 BLOCK SRC=216.26.247.47 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=22331 DF PROTO=TCP SPT=42897 DPT=22 WINDOW=64240 RES=0x00 SYN show less	Port Scan
Anonymous	2025-10-15 19:17:29 (7 months ago)	WordPress Brute Force	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 69.5.169.149

🇩🇪 69.5.169.44

🇩🇪 69.5.169.29

🇩🇪 69.5.169.8

🇲🇾 47.250.14.85

🇲🇽 38.124.192.114

🇷🇴 2.57.121.112

🇨🇳 218.4.156.254

🇰🇷 210.114.22.126

🇺🇿 195.158.14.232

🇫🇮 172.217.37.146

🇨🇳 120.48.154.88

🇩🇪 69.5.169.123

🇩🇪 64.89.163.50

🇳🇱 45.148.10.141

🇮🇹 37.32.80.182

🇬🇧 35.203.211.28

🇸🇬 4.194.4.255

🇹🇷 212.252.136.133

🇬🇧 195.140.214.22