JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.42

216.26.248.42 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.42

Whois 216.26.248.42

IP Abuse Reports for 216.26.248.42:

This IP address has been reported a total of 26 times from 10 distinct sources. 216.26.248.42 was first reported on October 10th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-29 08:57:25 (8 hours ago)	216.26.248.42 - - [29/Jun/2026:10:57:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubun ... show more 216.26.248.42 - - [29/Jun/2026:10:57:25 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇲🇽 octageeks.com	2026-06-29 04:13:50 (13 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 Sklurk	2026-06-20 01:57:04 (1 week ago)	Web App Attack	Web App Attack
🇧🇪 cmbplf	2026-05-27 08:37:44 (1 month ago)	1.955 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:33:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:33:26.470982 2025] [security2:error] [pid 21752:tid 21752] [client 216.26.248.42:25387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hartflicker.com"] [uri "/.env"] [unique_id "aSa7VmHrb6ujFV_VUdHnywAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:51:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:51:32.398900 2025] [security2:error] [pid 23276:tid 23276] [client 216.26.248.42:35361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.the-it-man.com"] [uri "/.git/HEAD"] [unique_id "aSaVZC6svtN8CdY2b4IRBQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:14:00 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:13:57.243168 2025] [security2:error] [pid 19706:tid 19706] [client 216.26.248.42:58275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cain2012.org"] [uri "/.git/HEAD"] [unique_id "aSZUVSNLvYzGigID6SeX3QAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:33:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:33:30.856029 2025] [security2:error] [pid 12880:tid 12880] [client 216.26.248.42:27909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mauriciagandara.com"] [uri "/.svn/wc.db"] [unique_id "aSZK2jhX6NmxK2U5931NDQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:51:03 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:50:57.190073 2025] [security2:error] [pid 4144:tid 4144] [client 216.26.248.42:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|yggdrasil.org\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "yggdrasil.org"] [uri "/s3cmd.ini"] [unique_id "aST9cXbDVDZdIfI-RPgeOgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:50:32 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:50:25.707949 2025] [security2:error] [pid 29928:tid 29928] [client 216.26.248.42:43541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aisoftwaretools.com"] [uri "/.git/HEAD"] [unique_id "aSPyIaPQw0dElqmt8IGy8AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:05:14 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:05:08.774963 2025] [security2:error] [pid 1826:tid 1826] [client 216.26.248.42:13687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ninapinta.org"] [uri "/.env"] [unique_id "aSPLZPnBS7hAhCi4-CD-jQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-01 22:09:40 (7 months ago)	[redacted] 216.26.248.42 - - [01/Nov/2025:23:09:29 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "M ... show more [redacted] 216.26.248.42 - - [01/Nov/2025:23:09:29 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) GSA/48.0.193557427 Mobile/15E216 Safari/604.1" [redacted] 216.26.248.42 - - [01/Nov/2025:23:09:30 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 6.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" [redacted] 216.26.248.42 - - [01/Nov/2025:23:09:31 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6; en-us) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/525.27.1" [redacted] 216.26.248.42 - - [01/Nov/2025:23:09:33 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" joerg-shimon-schuldhess.c ... show less	Hacking Web App Attack
🇫🇷 applemooz	2025-11-01 11:51:23 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-26 15:56:07 (8 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.38.71.226

🇩🇪 167.94.146.33

🇺🇸 147.185.132.201

🇨🇳 120.48.147.81

🇰🇷 118.37.214.187

🇮🇳 110.225.255.179

🇺🇸 104.28.215.150

🇫🇷 91.231.89.237

🇳🇱 91.92.40.231

🇩🇪 69.5.169.117

🇨🇦 45.194.92.57

🇺🇸 20.55.99.64

🇺🇸 18.221.179.104

🇳🇱 195.178.110.26

🇳🇱 185.183.35.103

🇸🇬 165.154.200.214

🇮🇳 160.30.39.38

🇺🇸 91.229.244.197

🇷🇸 89.216.39.181

🇵🇱 79.110.201.164