JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.254.37

216.26.254.37 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.254.37

Whois 216.26.254.37

IP Abuse Reports for 216.26.254.37:

This IP address has been reported a total of 12 times from 5 distinct sources. 216.26.254.37 was first reported on November 2nd 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-03-11 04:55:10 (2 months ago)	Form spam	Web Spam
🇫🇷 COMAITE	2026-02-05 23:01:25 (4 months ago)	Common web attack from 216.26.254.37.	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-14 07:12:54 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 06:17:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:17:05.595851 2025] [security2:error] [pid 905336:tid 905336] [client 216.26.254.37:34931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.4photogifts.com"] [uri "/.git/HEAD"] [unique_id "aSVJ4SRiiy1CHlQOdMvjGAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:51:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:51:12.857104 2025] [security2:error] [pid 10616:tid 10633] [client 216.26.254.37:34797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bobchaos.com"] [uri "/.git/HEAD"] [unique_id "aSU1wBg6vHAwpZvgd69TxQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:04.007657 2025] [security2:error] [pid 24205:tid 24205] [client 216.26.254.37:10781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ohanameetup.party"] [uri "/.svn/wc.db"] [unique_id "aSUrpDXliHsrww2Ymmi2owAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:56:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:56:30.812523 2025] [security2:error] [pid 18044:tid 18044] [client 216.26.254.37:12231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.reparcol.es"] [uri "/.git/HEAD"] [unique_id "aSUa3rtYkKJPT3dEmEG1VwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:30:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:30:48.500040 2025] [security2:error] [pid 26656:tid 26656] [client 216.26.254.37:37963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.puoci.com"] [uri "/.svn/wc.db"] [unique_id "aSUU2HDxPhsG8JyjVBJ_qQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:11:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:11:22.419225 2025] [security2:error] [pid 31978:tid 31978] [client 216.26.254.37:54561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lawandaudit.com"] [uri "/.svn/wc.db"] [unique_id "aSQTKpW5-tdZRUBnkKVzuAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:55:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:54:41.790814 2025] [security2:error] [pid 21520:tid 21520] [client 216.26.254.37:11167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.joe.banis-associates.com"] [uri "/.svn/wc.db"] [unique_id "aSQPQR0uOT4LEikQAlMPTAAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:35:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.254.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:35:26.364376 2025] [security2:error] [pid 408:tid 408] [client 216.26.254.37:46275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.solas3.com"] [uri "/.env"] [unique_id "aSPuniZMrxPGapRZ6vri9gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 14:17:43 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:00:54	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.144.21.12

🇬🇧 139.28.111.218

🇰🇷 123.58.200.120

🇨🇳 112.116.164.136

🇷🇺 109.165.0.153

🇺🇸 52.188.189.6

🇨🇳 47.94.96.144

🇭🇰 38.76.183.166

🇷🇴 193.32.162.16

🇸🇬 152.42.236.39

🇺🇸 74.7.227.50

🇨🇳 58.52.70.98

🇺🇸 44.204.64.190

🇺🇸 3.82.52.177

🇬🇧 195.96.139.196

🇬🇧 185.247.137.203

🇨🇳 180.169.100.182

🇸🇬 128.199.225.7

🇹🇼 104.199.161.139

🇺🇸 64.62.197.43