JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.249.238

216.26.249.238 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.249.238

Whois 216.26.249.238

IP Abuse Reports for 216.26.249.238:

This IP address has been reported a total of 14 times from 6 distinct sources. 216.26.249.238 was first reported on November 9th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-20 01:43:05 (2 days ago)	216.26.249.238 - - [20/Jun/2026:03:43:05 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 216.26.249.238 - - [20/Jun/2026:03:43:05 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 iNetWorker	2026-06-19 14:47:04 (2 days ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇷 ELYAZ	2026-06-19 14:29:38 (2 days ago)	(y4) Failed scan -byebye- from 216.26.249.238 (IT/Italy/-): (CF_ENABLE)	Hacking
🇩🇪 Click-Networks	2026-06-19 09:09:43 (3 days ago)		Web Spam Brute-Force Exploited Host
Anonymous	2026-01-05 20:12:40 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 11:13:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:13:16.607697 2025] [security2:error] [pid 14222:tid 14222] [client 216.26.249.238:48001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.appliedcam.com"] [uri "/.git/HEAD"] [unique_id "aSbgzDlySeLNL8UTqavx7gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:19:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:19:13.529385 2025] [security2:error] [pid 13534:tid 13534] [client 216.26.249.238:15313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.pete-n-sheila.net"] [uri "/.git/HEAD"] [unique_id "aSbUIRu0NvGea454Tnmr7QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:13:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:13:47.125414 2025] [security2:error] [pid 8092:tid 8092] [client 216.26.249.238:58771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jordanliberman.com"] [uri "/.svn/wc.db"] [unique_id "aSaamys3hgGAe1tI0vSaiQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:27:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:27:17.377061 2025] [security2:error] [pid 24634:tid 24634] [client 216.26.249.238:47987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.littlehornengineering.com"] [uri "/.git/HEAD"] [unique_id "aSZXdcO1i2TPI6rAbF_JoAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:57:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:57:42.067537 2025] [security2:error] [pid 31344:tid 31344] [client 216.26.249.238:30393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fables4teenagers.com"] [uri "/.svn/wc.db"] [unique_id "aSVTZjTO90u-Zx4CpD9HjQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:05.462869 2025] [security2:error] [pid 8414:tid 8414] [client 216.26.249.238:18413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.crr-construction.com"] [uri "/.svn/wc.db"] [unique_id "aSUU6RyU-8CCl4ZW44n4YwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:26:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:25:59.941156 2025] [security2:error] [pid 9546:tid 9546] [client 216.26.249.238:14063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pr-professional.com"] [uri "/.svn/wc.db"] [unique_id "aSQIh_H26ORNEcU8M6rnmQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 14:01:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 09:01:39.272400 2025] [security2:error] [pid 22642:tid 22642] [client 216.26.249.238:60449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.milajarecords.com"] [uri "/.git/config"] [unique_id "aSMTw--6SJOfSZGFbwBBvgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 19:43:43 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 14:43:38.226389 2025] [security2:error] [pid 16189:tid 16189] [client 216.26.249.238:12717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.prodivediving.savingshvac.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRDu6u2eslqAnTmxgqLyoQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 154.221.25.72

🇺🇸 74.79.243.6

🇰🇷 211.106.137.135

🇯🇵 152.32.146.235

🇻🇳 103.77.242.153

🇮🇷 80.191.135.13

🇧🇷 2a09:bac5:aa0:2555::3b8:49

🇮🇳 2404:6800:4000:100c::12b

🇬🇧 193.163.125.163

🇻🇳 171.243.150.209

🇫🇷 155.117.233.15

🇮🇳 125.23.155.110

🇲🇦 81.192.46.32

🇷🇴 2.57.121.112

🇧🇷 200.155.66.2

🇬🇧 195.206.182.199

🇩🇪 194.88.98.86

🇺🇸 172.173.200.62

🇨🇳 114.67.232.93

🇮🇳 103.80.199.51