JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.199.26.48

81.199.26.48 was found in our database!

This IP was reported 240 times. Confidence of Abuse is 60%: ?

60%

ISP	21 Enterprises, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	nam21enterprisesllc.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.199.26.48

Whois 81.199.26.48

IP Abuse Reports for 81.199.26.48:

This IP address has been reported a total of 240 times from 99 distinct sources. 81.199.26.48 was first reported on September 21st 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Ba-Yu	2026-06-16 06:12:10 (1 day ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇧🇷 Peregrine	2026-06-16 03:38:47 (1 day ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 81.199.26.48 172.68.213.239 - - [16/Jun/2026:00:38: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 81.199.26.48 172.68.213.239 - - [16/Jun/2026:00:38:38 -0300] "GET /adminer.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇭🇺 kranem	2026-06-16 03:00:37 (1 day ago)	Triggered Cloudflare WAF from DE. Action taken: BLOCK ASN: 62240 (Clouvider) Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF from DE. Action taken: BLOCK ASN: 62240 (Clouvider) Protocol: HTTP/1.1 (GET method) Endpoint: /adminer.php Timestamp: 2026-06-16T02:12:57Z User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0 show less	Bad Web Bot
🇺🇸 interbiznw.com	2026-06-16 02:56:44 (1 day ago)	fail2ban-ban	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 pm33	2026-06-05 10:21:34 (1 week ago)	Excessive crawling HTTP 404	Web App Attack
🇪🇸 masterguru	2026-06-05 03:31:34 (1 week ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇧🇾 lns.bz	2026-06-04 22:35:58 (1 week ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 ghostwarriors	2026-05-16 12:20:13 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-15 00:50:28 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 AetherFox	2026-05-14 21:38:46 (1 month ago)	AetherFox VoidGuard detected: [Thu May 14 21:38:44.355510 2026] [authz_core:error] [pid 3974552:tid ... show more AetherFox VoidGuard detected: [Thu May 14 21:38:44.355510 2026] [authz_core:error] [pid 3974552:tid 3974576] [client 81.199.26.48:20133] AH01630: client denied by server configuration: proxy:https://[MASKED]/templates/Beez2/error.php, referer: http://dranet.de//templates/Beez2/error.php [Thu May 14 21:38:44.816046 2026] [authz_core:error] [pid 3974552:tid 3974575] [client 81.199.26.48:20133] AH01630: client denied by server configuration: proxy:https://[MASKED]/local/index.php, referer: http://dranet.de//local/index.php [Thu May 14 21:38:45.165826 2026] [authz_core:error] [pid 3974552:tid 3974582] [client 81.199.26.48:20133] AH01630: client denied by server configuration: proxy:https://[MASKED]/libraries/phpmailer/updates.php, referer: http://dranet.de//libraries/phpmailer/updates.php [Thu May 14 21:38:45.499150 2026] [authz_core:error] [pid 3974552:tid 3974558] [client 81.199.26.48:20133] AH01630: client denied by server configuration: proxy:https://5.75.1 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 06:54:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 02:54:05.279452 2026] [security2:error] [pid 11583:tid 11583] [client 81.199.26.48:61797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deanfountain.com"] [uri "/wp-config.php"] [unique_id "af7aDfO7PrSGXV9U0cPb-QAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 04:22:08 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 00:22:04.072648 2026] [security2:error] [pid 27333:tid 27333] [client 81.199.26.48:47101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deanandolsek.com"] [uri "/wp-config.php"] [unique_id "af62bFKvE_hBG5tyLUG1hwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-08 16:53:19 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 masterguru	2026-05-08 01:09:54 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-193) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-07 23:16:51 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 81.199.26.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 19:16:48.286066 2026] [security2:error] [pid 15139:tid 15139] [client 81.199.26.48:32813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrowco.com"] [uri "/wp-content/wp-config.php"] [unique_id "af0dYIzCR7ZQQPrFJVk4jgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 240 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:ff10:c8:594::7

🇺🇸 208.84.101.238

🇷🇺 193.164.150.141

🇭🇳 181.78.101.153

🇮🇳 117.214.100.18

🇺🇸 64.62.156.144

🇺🇸 64.62.156.133

🇺🇸 64.62.156.67

🇳🇱 45.148.10.151

🇺🇸 23.80.80.163

🇺🇸 20.64.104.177

🇻🇳 14.225.7.70

🇹🇼 1.168.61.199

🇵🇱 194.180.49.216

🇨🇼 190.88.42.100

🇺🇸 186.241.95.111

🇺🇸 148.153.193.126

🇵🇰 139.135.40.156

🇻🇳 125.212.244.35

🇮🇳 125.23.183.18