JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.249.80

216.26.249.80 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.249.80

Whois 216.26.249.80

IP Abuse Reports for 216.26.249.80:

This IP address has been reported a total of 22 times from 13 distinct sources. 216.26.249.80 was first reported on October 11th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-24 05:05:53 (13 hours ago)	(y4) Failed scan -byebye- from 216.26.249.80 (IT/Italy/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-22 19:55:57 (1 day ago)	(y4) Failed scan -byebye- from 216.26.249.80 (IT/Italy/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-22 03:15:45 (2 days ago)	216.26.249.80 - - [22/Jun/2026:05:15:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 216.26.249.80 - - [22/Jun/2026:05:15:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" show less	Hacking Web App Attack
🇦🇺 MAGIC	2026-06-20 02:10:48 (4 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 ELYAZ	2026-06-19 14:29:23 (5 days ago)	(y4) Failed scan -byebye- from 216.26.249.80 (IT/Italy/-): (CF_ENABLE)	Hacking
🇬🇧 PeravixGroup	2026-05-07 05:52:06 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-06 17:49:26 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:30:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:29:57.349433 2025] [security2:error] [pid 10041:tid 10041] [client 216.26.249.80:25211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markaandrews.com"] [uri "/.git/HEAD"] [unique_id "aS8wJWhmRVHB--Zj9mp0JwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:47.099606 2025] [security2:error] [pid 10457:tid 10464] [client 216.26.249.80:33591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fishrapper.com"] [uri "/.svn/wc.db"] [unique_id "aS6bR8CUUz2bAsV5joAdlAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:58:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:58:36.632896 2025] [security2:error] [pid 20681:tid 20681] [client 216.26.249.80:56875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genesis-one.com"] [uri "/.git/HEAD"] [unique_id "aS6OHGdDRBLCyF2sPDwgWgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:59:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:58:52.020560 2025] [security2:error] [pid 14956:tid 15015] [client 216.26.249.80:13877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bortec-corp.com"] [uri "/.env"] [unique_id "aS5yDFbve-zJwfI7DO8JjQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2025-12-01 13:53:38 (6 months ago)	GET /.svn/wc.db HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:51:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.249.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:23.637157 2025] [security2:error] [pid 12254:tid 12254] [client 216.26.249.80:28263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bluedogzero.com"] [uri "/.git/HEAD"] [unique_id "aSQOe8_quKE0tz7IN8QO0gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇹 190.83.11.10

🇫🇷 185.255.126.51

🇱🇧 185.103.89.100

🇲🇾 175.137.172.108

🇸🇬 172.253.211.85

🇨🇳 161.189.202.6

🇵🇰 119.73.7.235

🇲🇦 105.156.90.127

🇧🇬 79.124.40.126

🇺🇸 66.240.223.240

🇺🇸 66.132.186.204

🇺🇸 66.132.186.200

🇳🇱 45.148.10.157

🇮🇩 36.93.249.106

🇪🇹 196.189.155.89

🇵🇾 190.128.201.18

🇧🇷 187.72.128.177

🇧🇷 170.246.69.232

🇰🇷 115.91.48.142

🇨🇳 106.13.79.83