JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.244.20

216.26.244.20 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.244.20

Whois 216.26.244.20

IP Abuse Reports for 216.26.244.20:

This IP address has been reported a total of 17 times from 9 distinct sources. 216.26.244.20 was first reported on October 27th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-22 13:25:47 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇨🇳 ThreatBook.io	2026-04-09 22:44:28 (1 month ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/216.26.244.20 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/216.26.244.20 2026-04-09 04:16:42 /special/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇦🇺 2000cn.com.au	2026-02-11 21:05:20 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 Mundo Bueno	2026-02-10 01:47:09 (3 months ago)	[ISILIA Protection] Accès suspect: /.env.local \| Country: DE \| UA: Mozilla/5.0 (Windows NT 10.0; Win ... show more [ISILIA Protection] Accès suspect: /.env.local \| Country: DE \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Hacking Web App Attack
🇩🇪 iNetWorker	2026-01-11 08:27:03 (4 months ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇮 Shaik Sai Meera	2026-01-04 23:30:08 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇭🇷 IgorS.zg.hr	2025-12-30 11:26:27 (5 months ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇺🇸 jcbriar	2025-12-30 06:55:06 (5 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇨🇳 ThreatBook.io	2025-12-18 22:53:00 (5 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.244.20 2025-12- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.244.20 2025-12-18 09:41:11 /druid/index.html show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:59:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:59:13.862431 2025] [security2:error] [pid 3174:tid 3174] [client 216.26.244.20:33543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/.env"] [unique_id "aS7wsaivOrs3lDMhZ0kLyQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:53:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:53:46.235453 2025] [security2:error] [pid 22528:tid 22528] [client 216.26.244.20:34995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "budfromkansascitymo.com"] [uri "/.svn/wc.db"] [unique_id "aS6pGshMRhq7tS1SQY8qcAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:44:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:44:24.115106 2025] [security2:error] [pid 22402:tid 22402] [client 216.26.244.20:32119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airdriedrivingschool.com"] [uri "/.svn/wc.db"] [unique_id "aS5uqG-rvBW1oiQwFTDnYAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-02 00:57:02 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇨🇳 ThreatBook.io	2025-11-28 05:24:49 (6 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.244.20 2025-11- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/216.26.244.20 2025-11-27 21:07:09 /news/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:55:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.244.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:54:54.056625 2025] [security2:error] [pid 17905:tid 17905] [client 216.26.244.20:48733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "main.kidswow.com"] [uri "/.env"] [unique_id "aSVSvu3TChoGQA44Qv2pwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 108.50.151.217

🇧🇷 200.196.50.91

🇩🇪 130.12.181.108

🇨🇳 121.229.202.143

🇻🇳 113.172.124.25

🇺🇸 109.105.209.9

🇬🇧 103.106.66.77

🇮🇳 68.233.116.124

🇨🇳 27.128.160.208

🇺🇸 20.65.194.117

🇰🇷 211.251.245.88

🇮🇪 185.192.16.58

🇨🇳 182.151.25.56

🇺🇸 172.190.112.206

🇨🇳 112.46.213.25

🇱🇹 81.30.98.142

🇮🇳 38.137.11.14

🇵🇱 37.28.157.146

🇳🇱 34.91.0.68

🇨🇦 24.156.249.109