JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.249.229

216.26.249.229 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.249.229

Whois 216.26.249.229

IP Abuse Reports for 216.26.249.229:

This IP address has been reported a total of 19 times from 12 distinct sources. 216.26.249.229 was first reported on November 21st 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 zam	2026-06-22 10:54:25 (12 hours ago)	216.26.249.229 - - [22/Jun/2026:10:54:23 +0000] "POST /wp-login.php HTTP/1.1" 404 27293	Web App Attack
🇲🇹 Malta	2026-06-22 03:15:55 (19 hours ago)	216.26.249.229 - - [22/Jun/2026:05:15:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 216.26.249.229 - - [22/Jun/2026:05:15:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-20 20:25:31 (2 days ago)	(y4) Failed scan -byebye- from 216.26.249.229 (IT/Italy/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-20 01:39:42 (2 days ago)	216.26.249.229 - - [20/Jun/2026:03:39:42 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.249.229 - - [20/Jun/2026:03:39:42 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇳🇿 billyborsht	2026-06-19 21:14:33 (3 days ago)	2026-06-20T09:14:33.202869+12:00 southern wordpress(leanpolicy.org)[1101998]: Authentication attempt ... show more 2026-06-20T09:14:33.202869+12:00 southern wordpress(leanpolicy.org)[1101998]: Authentication attempt for unknown user adminwp from 216.26.249.229 ... show less	Hacking Web App Attack
🇺🇸 mnsf	2026-06-04 19:06:14 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇯🇵 jay hung	2026-04-30 07:22:01 (1 month ago)	2026-04-30T07:21:54.205290+00:00 quarktech kernel: [3611991.031150] [UFW BLOCK] IN=eth0 OUT= MAC=22: ... show more 2026-04-30T07:21:54.205290+00:00 quarktech kernel: [3611991.031150] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=216.26.249.229 DST=172.237.29.33 LEN=60 TOS=0x00 PREC=0x40 TTL=40 ID=41152 DF PROTO=TCP SPT=44097 DPT=81 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-01-11 19:26:48 (5 months ago)	wordpress-trap	Web App Attack
Anonymous	2026-01-05 20:12:51 (5 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:08 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 06:44:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:43:56.755778 2025] [security2:error] [pid 15501:tid 15501] [client 216.26.249.229:24671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.csiwebdesigns.com"] [uri "/.svn/wc.db"] [unique_id "aSVQLDzku6urNXQNKskrGwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:25:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:25:13.384257 2025] [security2:error] [pid 21412:tid 21412] [client 216.26.249.229:50127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.holboxwhalesharktours.net"] [uri "/.env"] [unique_id "aSUvqQqHuWY7s9zu5VZ8RgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:55:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:38.493485 2025] [security2:error] [pid 11005:tid 11005] [client 216.26.249.229:11247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pankoff.com"] [uri "/.env"] [unique_id "aSUouoJJWy1CTXtE5W1vRQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:11:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:11:24.807572 2025] [security2:error] [pid 810:tid 810] [client 216.26.249.229:20271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jordanliberman.com"] [uri "/.git/HEAD"] [unique_id "aSUeXOpw9RRuVSpu6g5mxgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:49:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:49:49.818295 2025] [security2:error] [pid 574:tid 574] [client 216.26.249.229:31325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mahtani.org"] [uri "/.env"] [unique_id "aSUZTfxPZK_biBpc9GlrRgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 2a01:4f9:2a:2754::2

🇨🇳 223.83.114.88

🇧🇷 205.210.31.242

🇺🇸 136.144.35.227

🇺🇸 44.76.208.190

🇨🇳 222.176.200.29

🇲🇰 213.135.175.76

🇺🇸 172.253.196.158

🇺🇸 162.216.150.154

🇺🇸 162.216.150.153

🇲🇦 105.156.82.214

🇷🇴 80.94.92.164

🇩🇪 44.30.115.105

🇺🇸 40.83.182.122

🇨🇳 27.24.141.95

🇺🇸 20.66.122.128

🇺🇸 147.185.132.204

🇮🇳 103.180.212.64

🇱🇹 77.90.185.86

🇺🇸 44.38.224.190