JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.143

216.26.248.143 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.143

Whois 216.26.248.143

IP Abuse Reports for 216.26.248.143:

This IP address has been reported a total of 14 times from 9 distinct sources. 216.26.248.143 was first reported on October 10th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2025-12-29 14:03:23 (5 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)	Web App Attack
🇮🇹 VHosting	2025-12-28 22:50:09 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:02:51 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇮🇩 Burayot	2025-11-25 17:42:30 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.248.143 (TH/Thailand/-): 1 i ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.26.248.143 (TH/Thailand/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:32:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:32:09.991582 2025] [security2:error] [pid 32507:tid 32507] [client 216.26.248.143:33575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.awesomeenergyrecords.com"] [uri "/.svn/wc.db"] [unique_id "aSVbeWh2g7MG8SIkbpIlrQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:54:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:54:52.348296 2025] [security2:error] [pid 20943:tid 20943] [client 216.26.248.143:24251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.embeddedtrade.com"] [uri "/.git/HEAD"] [unique_id "aSVErPlBJlgYs9Q1V5bC9wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:20:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:20:30.109191 2025] [security2:error] [pid 8636:tid 8636] [client 216.26.248.143:28797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bakerimaging.com"] [uri "/.svn/wc.db"] [unique_id "aSUujkobpB5w1fdOAoPd0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:39:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:39:09.042102 2025] [security2:error] [pid 20078:tid 20078] [client 216.26.248.143:32783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diamenty.info"] [uri "/.svn/wc.db"] [unique_id "aSUk3YraiS_qB1AfrbD5LAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 02:41:29 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:36:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:36:06.859299 2025] [security2:error] [pid 29767:tid 29794] [client 216.26.248.143:29027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.behaviorhealth.org"] [uri "/.git/HEAD"] [unique_id "aSUWFu2PFPX_dStrHN9aDQAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Holger	2025-11-25 01:34:17 (6 months ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:16:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:16:37.065781 2025] [security2:error] [pid 5898:tid 5898] [client 216.26.248.143:54219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.g-peopleland.com"] [uri "/.git/HEAD"] [unique_id "aSUDdSPrZ1aiiUJ56D4TUQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 13:07:27 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:01:58	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-10 07:59:00 (8 months ago)	contact form spammer	Web Spam Email Spam

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.98.33.214

🇨🇳 112.103.72.196

🇨🇦 198.251.62.31

🇸🇬 129.226.95.93

🇰🇷 34.158.218.190

🇬🇹 190.148.52.113

🇨🇳 180.184.30.99

🇮🇳 152.59.167.230

🇻🇳 113.173.247.121

🇮🇳 103.132.243.250

🇷🇺 95.71.127.158

🇮🇩 43.249.140.69

🇨🇳 42.238.169.120

🇬🇧 35.178.0.59

🇵🇸 213.6.230.57

🇯🇵 207.56.229.19

🇨🇳 182.42.93.139

🇺🇸 172.239.51.109

🇺🇸 147.185.132.111

🇸🇬 147.93.157.194