JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.254.27

216.26.254.27 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.254.27

Whois 216.26.254.27

IP Abuse Reports for 216.26.254.27:

This IP address has been reported a total of 7 times from 3 distinct sources. 216.26.254.27 was first reported on November 25th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ConsulHosting	2026-06-12 09:48:36 (1 day ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇵🇹 Information Security	2026-06-12 09:47:46 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 11:53:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 06:53:26.870578 2025] [security2:error] [pid 21078:tid 21078] [client 216.26.254.27:60503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dailybeautysupply.com"] [uri "/.env"] [unique_id "aS7TNik6mL4j-kzQ8gCA5wAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:15:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:46.293652 2025] [security2:error] [pid 32184:tid 32184] [client 216.26.254.27:44355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emmtrucking.com"] [uri "/.svn/wc.db"] [unique_id "aS52AslsjzYZhb6X43pqdgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:43:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:43:13.161754 2025] [security2:error] [pid 9206:tid 9213] [client 216.26.254.27:48005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trident-environmental.com"] [uri "/.env"] [unique_id "aS5uYVw5jEjeVLQBRCG36gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:09.409797 2025] [security2:error] [pid 10160:tid 10160] [client 216.26.254.27:39555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.katherinehowell.us"] [uri "/.svn/wc.db"] [unique_id "aSVIQb1lvaYHQp2ij-BK3gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:19:31.875369 2025] [security2:error] [pid 1817001:tid 1817042] [client 216.26.254.27:60483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eceinal.com"] [uri "/.git/HEAD"] [unique_id "aSU8Y2R1ttxeyDpsCa9t0wAAAYM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 122.144.131.25

🇹🇼 104.199.176.250

🇳🇱 85.11.167.7

🇰🇷 14.55.144.22

🇬🇧 5.226.140.50

🇷🇴 2.57.121.112

🇺🇸 170.203.28.48

🇺🇸 147.185.132.190

🇯🇵 122.222.1.177

🇬🇧 45.82.76.107

🇩🇪 43.228.157.8

🇨🇦 35.203.43.227

🇮🇷 5.237.108.189

🇧🇷 205.210.31.232

🇧🇷 181.218.9.86

🇵🇾 181.124.177.69

🇲🇾 180.74.225.210

🇻🇳 125.212.158.13

🇨🇳 117.40.114.21

🇿🇲 102.23.122.235