JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.225.30

216.26.225.30 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.225.30

Whois 216.26.225.30

IP Abuse Reports for 216.26.225.30:

This IP address has been reported a total of 24 times from 9 distinct sources. 216.26.225.30 was first reported on September 26th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:22:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:22:26.660068 2025] [security2:error] [pid 12299:tid 12299] [client 216.26.225.30:35179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.multimediaperformances.com"] [uri "/.svn/wc.db"] [unique_id "aSVLIscydT9V8IgbTV_BUgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:03:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:03:12.779728 2025] [security2:error] [pid 1278:tid 1298] [client 216.26.225.30:18739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thatspecial.com"] [uri "/.svn/wc.db"] [unique_id "aSUccM-5_Q7Y14ElCf2IpgAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:46:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:46:04.823711 2025] [security2:error] [pid 21131:tid 21131] [client 216.26.225.30:26307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mikedeutsch.com"] [uri "/.svn/wc.db"] [unique_id "aSUYbFAgZB3LIHddTolB2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:19:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:19:08.655103 2025] [security2:error] [pid 16150:tid 16150] [client 216.26.225.30:16365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.d-sinema.com"] [uri "/.env"] [unique_id "aSUSHIWYffRk8bMbNzgUPwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2025-11-24 09:52:12 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:40:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:40:09.749629 2025] [security2:error] [pid 12006:tid 12070] [client 216.26.225.30:31435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.condominium-property-management.com"] [uri "/.env"] [unique_id "aSQZ6UDKyspBjqfQ2lVU_gAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:41:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:41:04.060072 2025] [security2:error] [pid 10696:tid 10790] [client 216.26.225.30:45445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.southsideeconomic.org"] [uri "/.git/HEAD"] [unique_id "aSQMECJafRnFKTiRlopZLAAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.225.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:13.465954 2025] [security2:error] [pid 7728:tid 7728] [client 216.26.225.30:43751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tupansetc.com"] [uri "/.env"] [unique_id "aSQHLUE9x8YQ3DYd2sbiegAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 21:09:20 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 16:18:44 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
🇧🇪 madeit	2025-11-04 14:26:44 (7 months ago)		Web App Attack
🇫🇷 applemooz	2025-11-01 11:29:18 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇦🇺 AWW-Admin	2025-10-29 15:50:57 (7 months ago)	(wordpress) Failed wordpress login from 216.26.225.30 (US/United States/-)	Brute-Force
Anonymous	2025-10-28 23:24:15 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.202.112.76

🇬🇧 195.96.139.211

🇳🇱 193.187.128.214

🇮🇳 168.220.237.171

🇮🇩 143.20.49.38

🇩🇪 130.12.181.101

🇨🇳 123.96.5.172

🇨🇳 112.94.189.208

🇺🇸 20.62.204.17

🇺🇸 207.241.173.115

🇬🇧 194.50.235.148

🇺🇸 185.149.26.71

🇸🇬 128.199.216.54

🇺🇦 45.12.3.48

🇩🇪 43.165.6.182

🇮🇳 34.93.128.179

🇳🇱 195.178.110.30

🇺🇸 192.178.119.148

🇩🇪 167.94.145.30

🇺🇸 104.42.121.220