JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.252.15

216.26.252.15 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.252.15

Whois 216.26.252.15

IP Abuse Reports for 216.26.252.15:

This IP address has been reported a total of 10 times from 7 distinct sources. 216.26.252.15 was first reported on October 13th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 convos	2026-06-26 14:58:20 (1 day ago)	HONEYPOT TRIGGERED [HP-MQV22Z48-NXXZLM]: GET /wp-includes/wlwmanifest.xml on hq.it-solutionsusa.com ... show more HONEYPOT TRIGGERED [HP-MQV22Z48-NXXZLM]: GET /wp-includes/wlwmanifest.xml on hq.it-solutionsusa.com \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) \| TS: 2026-06-26T14:58:20.360Z show less	Port Scan Web App Attack
🇫🇷 Baking333	2026-06-07 10:47:36 (3 weeks ago)	[redacted] 216.26.252.15 - - [07/Jun/2026:11:47:35 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 30 ... show more [redacted] 216.26.252.15 - - [07/Jun/2026:11:47:35 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 302 5298 0/109310 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 216.26.252.15 - - [07/Jun/2026:11:47:35 +0100] "GET //[redacted]?rsd HTTP/1.1" 302 1569 0/248094 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-28 22:50:07 (4 weeks ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 04:10:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 23:10:06.535422 2025] [security2:error] [pid 5898:tid 5898] [client 216.26.252.15:44373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jerrylogoluso.com"] [uri "/.git/HEAD"] [unique_id "aVCtnuUeb1-bRkJrRYJ2CQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:22:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:22:15.608010 2025] [security2:error] [pid 6475:tid 6475] [client 216.26.252.15:50681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bostonlog.com"] [uri "/.env"] [unique_id "aVBcF_jmjL5chdNlZVfh4AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:43:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:43:26.072994 2025] [security2:error] [pid 11266:tid 11266] [client 216.26.252.15:59571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wadenelson.com"] [uri "/.git/HEAD"] [unique_id "aVAozsJR31g3WLFxKFKYFwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:12:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:12:12.051639 2025] [security2:error] [pid 264907:tid 264956] [client 216.26.252.15:39879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soulconjecture.com"] [uri "/.env"] [unique_id "aVAFXBdeM_J5hpq9x-iBUAAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2025-12-26 08:45:28 (6 months ago)	tcp/80; Git HEAD reference exposure attempt: "GET /.git/HEAD" @ 2025-12-26T08:38:27Z [proxy]	Web App Attack
Anonymous	2025-11-02 18:20:22 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:23:10	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-13 14:49:09 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 182.13.96.107

🇺🇸 147.185.132.199

🇩🇪 104.207.51.16

🇹🇷 94.154.43.140

🇰🇷 59.11.53.94

🇺🇸 45.132.227.176

🇺🇸 44.192.179.37

🇮🇩 36.82.37.177

🇷🇴 2.57.121.112

🇰🇷 211.46.188.16

🇸🇪 155.212.37.165

🇺🇸 45.146.55.141

🇺🇸 44.216.246.2

🇸🇬 43.172.194.251

🇹🇿 41.93.28.23

🇨🇳 27.46.75.6

🇮🇳 20.204.47.37

🇬🇧 2a06:4880:c000::fb

🇫🇮 147.185.133.227

🇨🇳 111.26.115.122