JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.254.246

216.26.254.246 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.254.246

Whois 216.26.254.246

IP Abuse Reports for 216.26.254.246:

This IP address has been reported a total of 16 times from 8 distinct sources. 216.26.254.246 was first reported on November 6th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-05 05:17:11 (3 months ago)	216.26.254.246 - - [05/Mar/2026:06:16:59 +0100] "GET http://kinobaidalai.wordpress.com/ HTTP/1.1" 20 ... show more 216.26.254.246 - - [05/Mar/2026:06:16:59 +0100] "GET http://kinobaidalai.wordpress.com/ HTTP/1.1" 200 1868 "-" "Go-http-client/1.1" 216.26.254.246 - - [05/Mar/2026:06:17:02 +0100] "GET http://www.kinotekadb.com%2fconfiguration%2ephp/ HTTP/1.1" 400 554 "-" "Go-http-client/1.1" 216.26.254.246 - - [05/Mar/2026:06:17:05 +0100] "GET http://makler.noz.de/.git/config HTTP/1.1" 403 479 "-" "Go-http-client/1.1" 216.26.254.246 - - [05/Mar/2026:06:17:08 +0100] "GET http://wuerzburg-spielt.mainpost.de/.git/objects/bb/02f6a27d49ab36abc54dd8a7355ac017e004f5 HTTP/1.1" 403 494 "-" "Go-http-client/1.1" 216.26.254.246 - - [05/Mar/2026:06:17:11 +0100] "GET http://wr.informatik.uni-hamburg.de/ HTTP/1.1" 200 1868 "-" "Go-http-client/1.1" ... show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:25 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇭 backslash	2025-12-30 14:40:08 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇦🇺 Asimar	2025-11-27 12:06:53 (6 months ago)	(mod_security) mod_security triggered on hostname [redacted] 216.26.254.246 (FR/France/-): (CF_ENAB ... show more (mod_security) mod_security triggered on hostname [redacted] 216.26.254.246 (FR/France/-): (CF_ENABLE) show less	SQL Injection
🇺🇸 TPI-Abuse	2025-11-25 07:06:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:06:03.317641 2025] [security2:error] [pid 30992:tid 31080] [client 216.26.254.246:20633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.minutosrobados.com"] [uri "/.git/HEAD"] [unique_id "aSVVWwiHdlTmqu0bsgsuzQAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:49.024013 2025] [security2:error] [pid 22469:tid 22469] [client 216.26.254.246:35835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.deluxeexpress.com"] [uri "/.env"] [unique_id "aSVIabK_ZtAhp7uBAs9_swAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:49:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:49:29.242522 2025] [security2:error] [pid 18207:tid 18207] [client 216.26.254.246:51311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.baysidechiropractic.net"] [uri "/.env"] [unique_id "aSVDaTChxy-3VkLWTLB6YAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:28:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:28:43.720737 2025] [security2:error] [pid 20960:tid 20960] [client 216.26.254.246:17525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lesbidrawn.com"] [uri "/.env"] [unique_id "aSU-i7mrRNtWDBD5H_sK5wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-11-25 04:32:42 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:27:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:27:29.095374 2025] [security2:error] [pid 787353:tid 787353] [client 216.26.254.246:46447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.central-wi-coal-sales.com"] [uri "/.env"] [unique_id "aSUwMT_L8FxrS-_0BlFVNAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:51:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:51:35.965246 2025] [security2:error] [pid 29451:tid 29451] [client 216.26.254.246:20625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.princessnapkins.com"] [uri "/.env"] [unique_id "aSUnx3723aBEao0p4BKDFAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:32:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:32:33.239143 2025] [security2:error] [pid 11221:tid 11221] [client 216.26.254.246:10417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.saratogaequity.com"] [uri "/.svn/wc.db"] [unique_id "aSUVQeXtNHrLseNQn6g-tQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:45:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:45:06.696667 2025] [security2:error] [pid 584:tid 584] [client 216.26.254.246:17239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theantidote.gregorii.com"] [uri "/.svn/wc.db"] [unique_id "aSUKIkVPWeHzoBZ8oFP-9wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:34.876133 2025] [security2:error] [pid 26719:tid 26719] [client 216.26.254.246:19823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.debbieweibler.com"] [uri "/.git/HEAD"] [unique_id "aSUCvoERN-6D_B4OMb36IQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.207

🇧🇩 103.171.69.79

🇩🇰 85.203.47.246

🇰🇷 58.224.62.29

🇺🇸 47.251.37.0

🇧🇷 187.110.238.50

🇭🇳 177.10.185.50

🇳🇬 102.88.137.213

🇩🇪 89.58.10.55

🇬🇧 31.14.254.47

🇺🇸 2607:f8b0:4001:c10::129

🇷🇺 212.164.28.6

🇦🇪 74.162.69.29

🇨🇦 67.231.24.5

🇭🇰 58.152.42.174

🇰🇷 220.80.224.223

🇺🇸 150.107.38.141

🇩🇪 116.203.156.226

🇨🇬 102.141.43.254

🇰🇬 85.113.4.170