JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.225.164

216.26.225.164 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 50%: ?

50%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.225.164

Whois 216.26.225.164

IP Abuse Reports for 216.26.225.164:

This IP address has been reported a total of 51 times from 28 distinct sources. 216.26.225.164 was first reported on September 30th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TheCoon	2026-06-27 18:45:01 (1 hour ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇳🇿 Antinson	2026-06-26 04:55:14 (1 day ago)	Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints ( ... show more Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.) show less	Bad Web Bot
🇫🇷 Sklurk	2026-06-23 03:57:53 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 lostswordfish.com	2026-06-16 13:50:07 (1 week ago)	Wordfence waf block on baystatereentrynetwork	Web App Attack
🇲🇽 octageeks.com	2026-06-16 04:13:39 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 ELYAZ	2026-06-16 01:54:16 (1 week ago)	(y4) Failed scan -byebye- from 216.26.225.164 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-14 10:35:23 (1 week ago)	(y4) Failed scan -byebye- from 216.26.225.164 (US/United States/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-14 06:30:11 (1 week ago)	216.26.225.164 - - [14/Jun/2026:08:30:10 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubu ... show more 216.26.225.164 - - [14/Jun/2026:08:30:10 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇷 setupgr	2026-06-13 12:11:13 (2 weeks ago)	(mod_security) mod_security (id:900001) triggered by 216.26.225.164: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 216.26.225.164: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 15:11:11.810229 2026] [security2:error] [pid 784503:tid 784647] [client 216.26.225.164:34849] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: villa-izabela.com"] [severity "CRITICAL"] [tag "security"] [hostname "villa-izabela.com"] [uri "/wp-login.php"] [unique_id "ai1I36P-gsFtswuT33T4GgAAAFU"], referer: https://villa-izabela.com/wp-login.php show less	Port Scan
🇩🇪 4server	2026-06-02 06:15:25 (3 weeks ago)	[TueJun0208:15:20.4392112026][security2:error][pid3889424:tid3889563][client216.26.225.164:0]ModSecu ... show more [TueJun0208:15:20.4392112026][security2:error][pid3889424:tid3889563][client216.26.225.164:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"traslochisubito.ch\"][uri\"/wp-login.php\"][unique_id\"ah50-DRHSOhln5AXQLBodQAAANM\"]\,referer:https://traslochisubito.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇫🇷 pm33	2026-05-31 01:07:25 (3 weeks ago)	Wordpress login attempts	Brute-Force
🇲🇽 octageeks.com	2026-05-30 04:12:14 (4 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇬🇧 PeravixGroup	2026-05-06 19:07:18 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-06 03:04:12 (1 month ago)	ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/216.26.225.164 2026-0 ... show more ThreatBook Intelligence: Spam,Gateway more details on https://threatbook.io/ip/216.26.225.164 2026-05-05 21:21:00 / 2026-05-05 20:58:35 / show less	Web App Attack
🇺🇸 windowsforum	2026-03-10 22:09:39 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=LannyMoir	Web Spam Bad Web Bot

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 212.73.148.15

🇹🇼 210.61.148.174

🇮🇩 202.145.0.18

🇱🇻 196.196.53.141

🇳🇱 195.178.110.30

🇺🇸 162.216.150.104

🇳🇱 45.148.10.141

🇭🇰 199.45.154.182

🇭🇰 199.45.154.179

🇮🇳 183.82.111.224

🇫🇷 95.170.26.82

🇮🇹 93.92.72.125

🇨🇳 58.209.158.85

🇺🇸 45.79.172.21

🇺🇸 45.79.149.61

🇮🇳 27.123.114.190

🇺🇸 198.58.122.145

🇧🇷 189.127.109.198

🇺🇸 185.180.141.50

🇨🇳 112.3.200.41