JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.243.48

216.26.243.48 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 54%: ?

54%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.243.48

Whois 216.26.243.48

IP Abuse Reports for 216.26.243.48:

This IP address has been reported a total of 19 times from 16 distinct sources. 216.26.243.48 was first reported on October 14th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-06-23 08:29:28 (9 hours ago)	Wordpress login attempts	Brute-Force
🇫🇷 Sklurk	2026-06-23 03:57:42 (14 hours ago)	Web App Attack	Web App Attack
🇲🇽 octageeks.com	2026-06-20 04:15:53 (3 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-06-16 23:16:29 (6 days ago)	216.26.243.48 - - [17/Jun/2026:01:16:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 216.26.243.48 - - [17/Jun/2026:01:16:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-06-15 20:12:36 (1 week ago)	(y4) Failed scan -byebye- from 216.26.243.48 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇺🇸 lostswordfish.com	2026-06-15 07:18:03 (1 week ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇬🇷 setupgr	2026-06-12 15:36:49 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 216.26.243.48: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 216.26.243.48: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:36:44.642273 2026] [security2:error] [pid 351317:tid 351486] [client 216.26.243.48:33031] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwnjNMUiHpGKlaNgvQxLQAAAZA"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇬🇧 poundawebsiteltd	2026-06-12 11:53:45 (1 week ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.243.48 - - [12/Jun/2026:12:53:42 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.243.48 - - [12/Jun/2026:12:53:42 +0100] POST /wp-login.php HTTP/1.1 503 21689 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0 show less	Web App Attack
🇬🇧 spamverify.com	2026-06-12 04:10:23 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-12 00:55:51 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 216.26.243.48: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 216.26.243.48: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 03:55:50.738961 2026] [security2:error] [pid 52835:tid 52892] [client 216.26.243.48:63345] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitZFmTUdRqWy5D9zgOw1gAAAAo"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇺🇸 dtorrer	2026-06-11 18:11:36 (1 week ago)	Brute-force general attack.	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-22 13:05:26 (3 months ago)	Web attack	Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 05:54:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.243.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.243.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:53:52.860180 2025] [security2:error] [pid 7203:tid 7203] [client 216.26.243.48:40743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drbolen.derekvantreese.com"] [uri "/.env"] [unique_id "aSVEcA_p_U0w69PnJpVTKgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.217.18

🇧🇷 190.89.137.33

🇺🇸 147.182.183.153

🇸🇦 144.24.209.174

🇨🇳 122.190.26.96

🇳🇨 114.69.179.200

🇺🇸 50.247.189.189

🇸🇬 47.84.117.21

🇳🇱 45.148.10.230

🇳🇱 45.148.10.141

🇨🇳 39.106.23.166

🇩🇪 3.76.188.206

🇰🇷 3.34.191.111

🇬🇧 193.32.209.226

🇮🇳 182.66.214.70

🇧🇷 177.116.244.38

🇪🇬 154.177.236.44

🇧🇷 143.208.237.219

🇫🇮 138.124.80.167

🇳🇿 45.133.7.13