JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.247.96

216.26.247.96 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.247.96

Whois 216.26.247.96

IP Abuse Reports for 216.26.247.96:

This IP address has been reported a total of 17 times from 7 distinct sources. 216.26.247.96 was first reported on November 2nd 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-12 04:07:22 (3 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇬🇧 CrystalMaker	2026-03-25 05:18:29 (2 months ago)	Wordpress attack - GET //wp-includes/wlwmanifest.xml; GET //xmlrpc.php?rsd; GET //blog/wp-includes/w ... show more Wordpress attack - GET //wp-includes/wlwmanifest.xml; GET //xmlrpc.php?rsd; GET //blog/wp-includes/wlwmanifest.xml; GET //web/wp-includes/wlwmanifest.xml; GET //wordpress/wp-includes/wlwmanifest.xml; GET //website/wp-includes/wlwmanifest.xml; GET //wp/wp-includes/wlwmanifest.xml; GET //news/wp-includes/wlwmanifest.xml; GET //wp1/wp-includes/wlwmanifest.xml; GET //test/wp-includes/wlwmanifest.xml; GET //wp2/wp-includes/wlwmanifest.xml; GET //site/wp-includes/wlwmanifest.xml; GET //cms/wp-includes/wlwmanifest.xml; GET //sito/wp-includes/wlwmanifest.xml show less	Web App Attack
🇵🇱 sefinek.net	2026-02-10 08:01:24 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-01-05 20:11:11 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:40 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-03 04:40:49 (6 months ago)	(mod_security) mod_security (id:210740) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 23:40:45.558196 2025] [security2:error] [pid 7150:tid 7169] [client 216.26.247.96:23695] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|vtweaversguild.org\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "vtweaversguild.org"] [uri "/Guestbook.php"] [unique_id "aS-_Td0TcU9gkzjkLBws8wAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:44:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:44:36.029684 2025] [security2:error] [pid 19836:tid 19836] [client 216.26.247.96:10349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshr.com"] [uri "/.git/HEAD"] [unique_id "aS9BpNf0C6wpmJ06hhGzBAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 09:05:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:05:45.322822 2025] [security2:error] [pid 28241:tid 28241] [client 216.26.247.96:16519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jcrluthier.com"] [uri "/.git/HEAD"] [unique_id "aS6r6dScaYQLWwm9H11QDQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:01:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:01:00.413709 2025] [security2:error] [pid 5045:tid 5045] [client 216.26.247.96:24153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zebax.com"] [uri "/.git/HEAD"] [unique_id "aS6AnDyXuTc2Dhd711iZPwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:43:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:43:33.757849 2025] [security2:error] [pid 1593:tid 1621] [client 216.26.247.96:32197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "philacentric.com"] [uri "/.env"] [unique_id "aS5udTHZSzFK0PbwTkDi1QAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:19:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:19:44.315605 2025] [security2:error] [pid 17666:tid 17666] [client 216.26.247.96:10523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thenowhere-men.com"] [uri "/.env"] [unique_id "aSVKgOByGYKTekmRZaCz_wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:57:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:57:36.723854 2025] [security2:error] [pid 21764:tid 21764] [client 216.26.247.96:31199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.omahareact.org"] [uri "/.git/HEAD"] [unique_id "aSU3QCvu1c7jp1u45AngMAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:31:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:31:04.074524 2025] [security2:error] [pid 16504:tid 16504] [client 216.26.247.96:52357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artinistanbul.pist.org.tr"] [uri "/.git/HEAD"] [unique_id "aSUxCK9PmkXqgmcFShxfwQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:49:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:47.849739 2025] [security2:error] [pid 1647139:tid 1647172] [client 216.26.247.96:19147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.guitarmans.com"] [uri "/.git/HEAD"] [unique_id "aSUZD55eMzOQPKYL6rIDYQAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:27:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.247.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:26:55.557446 2025] [security2:error] [pid 4604:tid 4604] [client 216.26.247.96:13123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.erkan.net"] [uri "/.git/HEAD"] [unique_id "aSUT7z6N65nH1OIvx_jxRwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.220.50.199

🇭🇰 116.92.214.150

🇧🇬 79.124.40.138

🇬🇧 35.203.211.185

🇹🇼 198.235.24.79

🇺🇸 159.203.67.164

🇯🇵 152.32.146.235

🇺🇸 139.144.235.132

🇮🇹 93.92.74.87

🇺🇸 67.241.132.98

🇨🇳 42.178.17.143

🇻🇳 27.71.21.70

🇲🇦 197.153.57.103

🇪🇬 197.45.49.244

🇮🇹 185.229.238.90

🇻🇳 171.243.151.77

🇬🇧 149.107.104.217

🇫🇮 147.185.133.208

🇰🇷 146.56.103.89

🇧🇷 177.44.191.61