JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.189

216.26.248.189 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.189

Whois 216.26.248.189

IP Abuse Reports for 216.26.248.189:

This IP address has been reported a total of 32 times from 9 distinct sources. 216.26.248.189 was first reported on October 10th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-05-22 20:05:24 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 oncord	2026-01-11 14:46:41 (5 months ago)	Form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 nowyouknow	2025-12-23 01:55:05 (5 months ago)	(From [email protected]) Hey there, You can offload your digital marketing workload to a tr ... show more (From [email protected]) Hey there, You can offload your digital marketing workload to a trained full-time assistant for $250/month. They work daily on SEO, ads, email campaigns, social media, and administrative tasks. Your first month is free. Use the form below to start the onboarding process. Direct Google link: https://docs.google.com/forms/d/e/1FAIpQLSc0j7_PYJOBpCDJqJEYWDUYRLFuf0fN596h51an A8k8Me0efA/viewform?usp=header GLE Link to Google Forms: https://forms.gle/4uj4nBHTiJVQooFA8 Short link: https://shorturl.at/o4IYf show less	Phishing Web Spam
🇱🇻 garmtech.com	2025-12-19 22:54:14 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-54.216.26.248.189.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-54.216.26.248.189.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 21:50:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 16:50:25.082092 2025] [security2:error] [pid 32509:tid 32509] [client 216.26.248.189:36797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pschitchat.com"] [uri "/.git/HEAD"] [unique_id "aTiZoaPsAd_A75XQ3GMQNQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 09:34:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 04:34:16.278347 2025] [security2:error] [pid 18009:tid 18009] [client 216.26.248.189:34065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nextngnr.com"] [uri "/.env"] [unique_id "aTabmAkxkbL9TzTv-nml5gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 02:05:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 21:05:21.583930 2025] [security2:error] [pid 25572:tid 25572] [client 216.26.248.189:25323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citrineartstudio.com"] [uri "/.svn/wc.db"] [unique_id "aTYyYQO_74fIGB9yrIF2LgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:06:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:06:09.398345 2025] [security2:error] [pid 2815:tid 2815] [client 216.26.248.189:30571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rasuki.com"] [uri "/.svn/wc.db"] [unique_id "aTX6UdCmwNxYTOrOkp5j3wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:50:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:50:44.559011 2025] [security2:error] [pid 18244:tid 18244] [client 216.26.248.189:11001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kithouse.org"] [uri "/.env"] [unique_id "aTWGNKVD6JMYGRpoBTPP2AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:27:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:27:47.176183 2025] [security2:error] [pid 1402:tid 1442] [client 216.26.248.189:39665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "birdhousefarms.com"] [uri "/.env"] [unique_id "aTMWE-pRB5tP5ynZn9naGgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:19:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:19:36.057729 2025] [security2:error] [pid 24302:tid 24302] [client 216.26.248.189:41089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiahunahawaii.com"] [uri "/.svn/wc.db"] [unique_id "aTK_yG0eSDx4tB46bEWLWgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-11-27 03:14:54 (6 months ago)	(From [email protected]) Want to attract more people to sigafoosejacks ... show more (From [email protected]) Want to attract more people to sigafoosejackson.com now? Start your Free Test. show less	Phishing Web Spam
🇺🇸 Psycho Solutions LLC	2025-11-07 13:20:51 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N/A - Timestamp: 11/7/2025 1:20 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-27 03:53:58 (7 months ago)	WP Admin Scan Activities	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.114

🇰🇷 110.15.180.181

🇺🇸 104.243.133.18

🇫🇷 85.217.140.8

🇺🇸 64.62.156.205

🇳🇱 2a02:4780:8:1312:0:3666:2ebb:1

🇺🇸 2601:152:300:241b:f14e:d1a6:3474:9870

🇺🇸 174.35.25.181

🇦🇪 153.75.91.28

🇨🇳 116.179.32.35

🇨🇳 106.12.80.96

🇳🇱 81.19.216.99

🇺🇸 65.49.1.187

🇺🇸 45.156.129.66

🇺🇸 45.156.129.65

🇺🇸 34.82.86.2

🇺🇸 18.97.14.81

🇷🇴 2.57.122.177

🇬🇧 213.166.84.52

🇬🇧 193.163.125.85