JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.248.76

216.26.248.76 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.248.76

Whois 216.26.248.76

IP Abuse Reports for 216.26.248.76:

This IP address has been reported a total of 16 times from 4 distinct sources. 216.26.248.76 was first reported on November 16th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 koinkash.org	2026-05-23 01:40:52 (2 weeks ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇩🇪 iNetWorker	2026-03-02 20:54:00 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:30:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:29:59.766741 2025] [security2:error] [pid 10747:tid 10772] [client 216.26.248.76:42127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.scribblism.com"] [uri "/.git/HEAD"] [unique_id "aSVM512GfO2s-Qdwr6eF7QAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:22:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:22:29.700563 2025] [security2:error] [pid 27478:tid 27478] [client 216.26.248.76:59721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.helpkccare.org"] [uri "/.env"] [unique_id "aSU9FWfWNTdDfn-U1ZDUugAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:53:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:53:53.262182 2025] [security2:error] [pid 23960:tid 23960] [client 216.26.248.76:11819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.sabbathschoolguide.com"] [uri "/.env"] [unique_id "aSUaQcqwtLcQ8gQ9HmBxDwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:37:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:37:41.436367 2025] [security2:error] [pid 29677:tid 29677] [client 216.26.248.76:10253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.aliamus.com"] [uri "/.git/HEAD"] [unique_id "aSUWdZF_omR0Q1xoZrEnngAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:20:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:20:00.270058 2025] [security2:error] [pid 11448:tid 11448] [client 216.26.248.76:49341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ageiron.com"] [uri "/.git/HEAD"] [unique_id "aSUEQN0KeubXWq5G4xgdzgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:12:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:12:41.490843 2025] [security2:error] [pid 3165:tid 3165] [client 216.26.248.76:30153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.36hoursonly.vittariadesign.com"] [uri "/.git/HEAD"] [unique_id "aSQhiU5hM8PldqrvXJXRvgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:17:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:17:02.715568 2025] [security2:error] [pid 20102:tid 20102] [client 216.26.248.76:43795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bajocamara.com"] [uri "/.env"] [unique_id "aSQUfniNlJlbAjvOTiVGFwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:00:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:00:36.513015 2025] [security2:error] [pid 19309:tid 19309] [client 216.26.248.76:57417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "axiselectric.net"] [uri "/.git/HEAD"] [unique_id "aSQQpBgtUEnyX47DCLO-EwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:13.399533 2025] [security2:error] [pid 28306:tid 28306] [client 216.26.248.76:41773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.appliedcam.com"] [uri "/.svn/wc.db"] [unique_id "aSQHLYCSpSwMs1GWEU9bfAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 06:21:34 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:16:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:16:03.893783 2025] [security2:error] [pid 15820:tid 15820] [client 216.26.248.76:43831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jdeloa.com"] [uri "/.svn/wc.db"] [unique_id "aSP4I65u-B6XtDet2Lz2IgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:04:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:04:18.674219 2025] [security2:error] [pid 3643:tid 3643] [client 216.26.248.76:59401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.coast-consult.com"] [uri "/.git/HEAD"] [unique_id "aSPnUjCJOte_tUvDoeKQjQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:14:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.248.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:14:22.981515 2025] [security2:error] [pid 10897:tid 10897] [client 216.26.248.76:55605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lesbidrawn.com"] [uri "/.svn/wc.db"] [unique_id "aSPbnk4WcL-laII1Mvh6mQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.225.96.57

🇰🇷 222.110.147.58

🇧🇩 202.84.34.85

🇭🇰 202.82.33.176

🇨🇳 182.138.158.9

🇻🇳 171.237.176.209

🇹🇭 150.95.82.21

🇺🇸 147.185.132.168

🇬🇧 35.203.211.212

🇺🇸 18.224.215.143

🇬🇧 213.166.84.34

🇸🇬 167.99.72.161

🇩🇪 167.94.146.50

🇺🇸 162.216.149.154

🇹🇷 88.249.185.178

🇬🇧 185.116.172.5

🇩🇪 141.11.107.166

🇩🇪 93.123.84.201

🇸🇬 52.221.227.230

🇸🇬 45.82.78.108