JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.225.115

216.26.225.115 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.225.115

Whois 216.26.225.115

IP Abuse Reports for 216.26.225.115:

This IP address has been reported a total of 17 times from 12 distinct sources. 216.26.225.115 was first reported on September 28th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-13 05:35:56 (2 hours ago)	(mod_security) mod_security (id:900001) triggered by 216.26.225.115: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 216.26.225.115: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 08:35:53.542321 2026] [security2:error] [pid 617818:tid 617856] [client 216.26.225.115:30657] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: ions.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ions.gr"] [uri "/wp-login.php"] [unique_id "aizsObW1jJCSQWbpQzaf6wAAAEg"], referer: https://ions.gr/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-13 04:21:24 (3 hours ago)	(mod_security) mod_security (id:900001) triggered by 216.26.225.115: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 216.26.225.115: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 07:21:21.932682 2026] [security2:error] [pid 617818:tid 617852] [client 216.26.225.115:24637] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "aizawbW1jJCSQWbpQzaacAAAAEQ"], referer: https://mail.asteriassantorini.com/wp-login.php show less	Port Scan
🇮🇩 zam	2026-06-11 20:08:12 (1 day ago)	216.26.225.115 - - [11/Jun/2026:20:07:49 +0000] "POST /wp-login.php HTTP/1.1" 301 277	Web App Attack
🇦🇺 HJ5Ss4Ju	2026-06-10 03:10:38 (3 days ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇨🇭 ALPHANET	2025-12-28 08:05:02 (5 months ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇵🇱 sefinek.net	2025-12-22 22:26:26 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 20:19:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:19:46.978833 2025] [security2:error] [pid 31689:tid 31689] [client 216.26.225.115:40847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buenasfrecuencias.com"] [uri "/.env"] [unique_id "aSiyYvK6J0ZPjuaDVmdwUQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 20:12:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 15:12:25.289124 2025] [security2:error] [pid 31344:tid 31344] [client 216.26.225.115:21611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scala-global.com"] [uri "/.svn/wc.db"] [unique_id "aSdfKXeXEHd4FRjNUA6YQwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 04:18:41 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 ps-center	2025-10-27 01:55:18 (7 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇨🇦 wil.com	2025-10-18 04:32:54 (7 months ago)	GlobalProtect login attempts with user tfnorris.	VPN IP Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-10-07 17:13:55 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-10-01 16:20:27 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇮🇹 Rosh	2025-10-01 10:31:21 (8 months ago)	[10/01/25 12:31:21] SSH: authentication failure	Brute-Force SSH
Anonymous	2025-09-30 13:48:24 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:c17:ace3::1

🇮🇩 163.7.1.218

🇮🇩 157.20.207.165

🇰🇷 121.136.168.232

🇨🇳 120.234.232.184

🇺🇸 98.92.97.151

🇺🇸 67.205.189.235

🇺🇸 48.216.243.151

🇳🇱 45.198.224.190

🇧🇪 34.156.248.64

🇳🇱 176.65.139.254

🇫🇮 147.185.133.99

🇨🇳 118.196.84.13

🇮🇳 103.199.205.191

🇮🇹 95.230.202.155

🇫🇮 74.125.74.30

🇷🇺 217.149.191.246

🇺🇸 66.132.186.201

🇮🇳 34.131.107.9

🇬🇧 31.14.254.124