JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.249.191

216.26.249.191 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 39%: ?

39%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.249.191

Whois 216.26.249.191

IP Abuse Reports for 216.26.249.191:

This IP address has been reported a total of 34 times from 16 distinct sources. 216.26.249.191 was first reported on October 5th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Yepngo	2026-06-24 05:58:05 (3 days ago)	216.26.249.191 - - [24/Jun/2026:07:56:36 +0200] "POST /wp-login.php HTTP/2.0" 200 11376 "https://blo ... show more 216.26.249.191 - - [24/Jun/2026:07:56:36 +0200] "POST /wp-login.php HTTP/2.0" 200 11376 "https://blog.yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 216.26.249.191 - - [24/Jun/2026:07:58:05 +0200] "POST /wp-login.php HTTP/2.0" 200 11376 "https://blog.yepngo.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇲🇽 octageeks.com	2026-06-24 04:16:58 (4 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇨🇴 ingentar	2026-06-21 02:46:42 (1 week ago)	2026-06-20T21:45:33.250054-05:00 web wordpress(ingentar.com)[745735]: Blocked authentication attempt ... show more 2026-06-20T21:45:33.250054-05:00 web wordpress(ingentar.com)[745735]: Blocked authentication attempt for admin from 216.26.249.191 ... show less	Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-06-20 20:25:31 (1 week ago)	(y4) Failed scan -byebye- from 216.26.249.191 (IT/Italy/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-20 01:39:40 (1 week ago)	216.26.249.191 - - [20/Jun/2026:03:39:39 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.249.191 - - [20/Jun/2026:03:39:39 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇳🇿 billyborsht	2026-06-19 21:11:57 (1 week ago)	2026-06-20T09:11:57.229171+12:00 southern wordpress(leanpolicy.org)[1102091]: Authentication attempt ... show more 2026-06-20T09:11:57.229171+12:00 southern wordpress(leanpolicy.org)[1102091]: Authentication attempt for unknown user hengker from 216.26.249.191 ... show less	Hacking Web App Attack
🇪🇸 el-brujo	2026-04-22 12:44:10 (2 months ago)	Cloudflare WAF: Request Path: /.svn/wc.db Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /.svn/wc.db Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: DE Method: GET Timestamp: 2026-04-22T12:44:10Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇳🇱 ParaBug	2026-04-20 18:29:55 (2 months ago)	216.26.249.191 - - [20/Apr/2026:20:29:55 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc. ... show more 216.26.249.191 - - [20/Apr/2026:20:29:55 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc.db HTTP/1.1" 403 440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Phishing Brute-Force Web App Attack
🇩🇪 MarkGGN	2026-02-15 06:11:13 (4 months ago)	Webexploits. 216.26.249.191 - - [15/Feb/2026:07:10:31 +0100] "GET /admin/.git/config HTTP/1.1" 444 0 ... show more Webexploits. 216.26.249.191 - - [15/Feb/2026:07:10:31 +0100] "GET /admin/.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 216.26.249.191 - - [15/Feb/2026:07:11:13 +0100] "GET /backup/.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:35 (4 months ago)	Too many Status 40X (12) Scanning/Probing (14)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-15 01:54:41 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:20:06 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:19:59.771484 2025] [security2:error] [pid 18292:tid 18292] [client 216.26.249.191:40257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.justmakingitbetter.com"] [uri "/.env"] [unique_id "aSVYn3aOcNFPvWh4yrSmBgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:43:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:43:33.776715 2025] [security2:error] [pid 10609:tid 10609] [client 216.26.249.191:29171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.iliketoruntoo.com"] [uri "/.git/HEAD"] [unique_id "aSVCBWblk7gFqNvA6ZQfJQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:47:35 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:47:18.497721 2025] [security2:error] [pid 17115:tid 17115] [client 216.26.249.191:11521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.carlfink.name"] [uri "/.env"] [unique_id "aSUmxgZhCecJzbn2VJ8m9AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Psycho Solutions LLC	2025-10-27 01:31:07 (8 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-admin/ - User Agent: N/A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-admin/ - User Agent: N/A - Timestamp: 10/27/2025 1:31 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.228

🇮🇷 176.65.240.242

🇫🇮 147.185.133.108

🇺🇸 216.218.206.67

🇧🇪 198.235.24.212

🇧🇪 198.235.24.207

🇺🇸 184.105.247.252

🇻🇳 171.244.37.103

🇫🇮 147.185.133.154

🇮🇳 106.51.92.114

🇺🇸 40.124.86.76

🇭🇰 199.45.155.98

🇹🇼 198.235.24.122

🇬🇷 195.167.10.162

🇲🇽 186.96.158.180

🇮🇳 122.160.69.233

🇦🇿 94.20.25.28

🇫🇷 91.231.89.149

🇬🇷 46.103.3.35

🇬🇧 35.203.210.15