JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.252.245

216.26.252.245 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.252.245

Whois 216.26.252.245

IP Abuse Reports for 216.26.252.245:

This IP address has been reported a total of 14 times from 9 distinct sources. 216.26.252.245 was first reported on November 24th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-06-30 18:37:57 (3 hours ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇮 inlink.ltd	2026-06-06 19:31:31 (3 weeks ago)	dot file probe	Web App Attack
🇳🇱 ParaBug	2026-06-06 10:56:24 (3 weeks ago)	216.26.252.245 - - [06/Jun/2026:12:56:23 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc. ... show more 216.26.252.245 - - [06/Jun/2026:12:56:23 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.svn/wc.db HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
🇦🇺 oncord	2026-06-01 01:20:04 (4 weeks ago)	Form spam	Web Spam
🇧🇪 cmbplf	2026-05-24 05:21:29 (1 month ago)	4.027 requests with url.path //xmlrpc.php 3.596 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇫🇷 conseilgouz	2026-02-27 09:52:57 (4 months ago)	upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content%27%29%20AND%20 ... show more upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content%27%29%20AND%209408%3D%28SELECT%20UPPER%28XMLType%28CHR%2860%29%7C%7CCH...(') show less	Hacking
Anonymous	2025-12-30 20:40:08 (6 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:20:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:20:21.769250 2025] [security2:error] [pid 2566013:tid 2566020] [client 216.26.252.245:34175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosicruciansociety.com"] [uri "/.env"] [unique_id "aVIBhZpwqS-pohtV-2wkbQAAAMQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:43:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:43:52.929769 2025] [security2:error] [pid 6330:tid 6330] [client 216.26.252.245:17315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chipnado.com"] [uri "/.env"] [unique_id "aVH4-MM9sqrvvSVtDbB3wQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 13:00:02 (7 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:47:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:47:33.379862 2025] [security2:error] [pid 14562:tid 14562] [client 216.26.252.245:54821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.spanishchristmascards.net"] [uri "/.git/HEAD"] [unique_id "aSVRBeTVZmKwZ0zf2VawZwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:36:13 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:36:10.364570 2025] [security2:error] [pid 24049:tid 24049] [client 216.26.252.245:46365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dadlounge.com"] [uri "/.svn/wc.db"] [unique_id "aSUWGsT9kMxA8Td_jYRQTQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:52:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:52:05.163824 2025] [security2:error] [pid 18990:tid 18990] [client 216.26.252.245:47803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.97201.com"] [uri "/.env"] [unique_id "aSQOpWKWqVUVGA3fiBUbdwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:37:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.252.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:58.100333 2025] [security2:error] [pid 12016:tid 12016] [client 216.26.252.245:21333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wastetrack.io.wwts.io"] [uri "/.git/HEAD"] [unique_id "aSQLGsK3N15Pr1XLXmUumQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c1e::129

🇯🇵 160.251.233.37

🇳🇱 45.148.10.152

🇨🇳 222.88.163.204

🇧🇪 198.235.24.212

🇫🇷 194.113.235.89

🇰🇷 175.119.225.68

🇫🇷 139.28.219.70

🇷🇴 80.94.92.120

🇸🇿 41.215.146.195

🇺🇸 20.169.85.177

🇻🇳 14.225.7.70

🇩🇪 8.211.43.218

🇺🇬 196.0.120.6

🇩🇪 185.242.3.121

🇺🇸 172.191.239.155

🇺🇸 147.185.132.87

🇨🇳 223.107.237.83

🇺🇸 205.210.31.46

🇺🇸 162.216.149.50