JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.20

216.26.248.20 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.20

Whois 216.26.248.20

IP Abuse Reports for 216.26.248.20:

This IP address has been reported a total of 10 times from 4 distinct sources. 216.26.248.20 was first reported on November 24th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 10:20:25 (5 hours ago)	dot file probe	Web App Attack
🇬🇧 WebNiraj	2026-05-06 09:16:28 (1 month ago)	Port Scan detected from 216.26.248.20 (TH/Thailand/-). 11 hits in the last 277 seconds [SIGMA]	Brute-Force Port Scan
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:39 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-09 17:02:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 12:02:45.884480 2025] [security2:error] [pid 15752:tid 15752] [client 216.26.248.20:38041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backyardtossers.com"] [uri "/.svn/wc.db"] [unique_id "aThWNV1C-E6X9Mxbx79vYAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:34:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:34:20.709202 2025] [security2:error] [pid 30665:tid 30665] [client 216.26.248.20:53655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cardinalcouncilgc.org"] [uri "/.env"] [unique_id "aTV0TAlJRwA3ssFXrLz7owAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:42:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:42:11.821380 2025] [security2:error] [pid 16592:tid 16592] [client 216.26.248.20:9593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigislandhawaiirealestate.com"] [uri "/.svn/wc.db"] [unique_id "aTLvQ4-tNSfDuZBSx2EL7gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:36:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:36:13.575946 2025] [security2:error] [pid 12808:tid 12808] [client 216.26.248.20:20275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeomis.com"] [uri "/.svn/wc.db"] [unique_id "aTKLbX3Q8b6EtF6OPEJhnQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:57:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:57:04.859594 2025] [security2:error] [pid 20455:tid 20455] [client 216.26.248.20:20005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thesteeldrumman.com"] [uri "/.env"] [unique_id "aTKCQADB0iHIgrwxChZN2QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:37:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:37:43.238805 2025] [security2:error] [pid 18191:tid 18219] [client 216.26.248.20:46465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.windowtailors.com"] [uri "/.git/HEAD"] [unique_id "aSP9N_ZQzvcLISeGO1EjbAAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:52:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:51:28.800189 2025] [security2:error] [pid 8450:tid 8450] [client 216.26.248.20:31881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.twentytwocreative.net"] [uri "/.env"] [unique_id "aSPkUKQ7ZIJCBlOqhoDGaQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.241.173.229

🇧🇷 177.11.196.79

🇮🇳 167.71.239.213

🇨🇳 153.35.209.91

🇨🇳 121.61.156.232

🇨🇳 116.178.129.33

🇺🇿 84.54.70.78

🇳🇱 2a00:1450:4013:c06::122

🇺🇸 64.62.197.38

🇧🇬 5.188.206.30

🇳🇱 5.61.209.33

🇻🇳 222.254.47.36

🇱🇹 141.98.11.34

🇸🇬 47.128.16.19

🇰🇭 220.158.233.26

🇺🇦 217.147.172.82

🇺🇸 157.245.133.163

🇬🇧 92.207.4.157

🇺🇿 84.54.72.66

🇳🇱 45.148.10.147