JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.230.111

216.26.230.111 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.230.111

Whois 216.26.230.111

IP Abuse Reports for 216.26.230.111:

This IP address has been reported a total of 25 times from 13 distinct sources. 216.26.230.111 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:56:49 (1 day ago)	Web App Attack	Web App Attack
🇬🇧 PeravixGroup	2026-05-09 15:05:46 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 15:13:11 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 fortypoundhead	2026-03-27 19:48:07 (2 months ago)	SQL Injection Attempt	SQL Injection Web App Attack
Anonymous	2026-03-27 09:05:02 (2 months ago)	Web attack	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:56:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:56:25.131854 2025] [security2:error] [pid 22942:tid 22942] [client 216.26.230.111:23477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thewarmachineguns.com"] [uri "/.env"] [unique_id "aSVFCd0rUxpEpRNuSCWn1gAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:01:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:01:31.467265 2025] [security2:error] [pid 24214:tid 24214] [client 216.26.230.111:44205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dick-schoonover.com"] [uri "/.env"] [unique_id "aSU4K6G7umeEtRTh5QIBzAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 04:30:59 (6 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 04:13:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:54.495105 2025] [security2:error] [pid 15981:tid 15981] [client 216.26.230.111:26851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mldlnn.com"] [uri "/.env"] [unique_id "aSUtAvyhSEuVgvIL9RoAsAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:54:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:54:07.195552 2025] [security2:error] [pid 25753:tid 25753] [client 216.26.230.111:17929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.michaelholdaway.com"] [uri "/.env"] [unique_id "aSUoXxSpshD1Tzl5LuCIigAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:53:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:53:40.504663 2025] [security2:error] [pid 14061:tid 14061] [client 216.26.230.111:31549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kporterdesign.com"] [uri "/.svn/wc.db"] [unique_id "aSUaNMMV-GYVYKDC4QeffQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:58:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:57:59.405380 2025] [security2:error] [pid 16693:tid 16693] [client 216.26.230.111:53095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thegameforeverybody.com"] [uri "/.env"] [unique_id "aST_F4Qqb_sUk07MEE4ZvAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 14:37:49 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:04:27	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-30 14:55:26 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 ps-center	2025-10-18 09:02:00 (8 months ago)	ABV-W: TCP-Scanner. Port: 22	Port Scan

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.114

🇩🇪 213.209.159.228

🇺🇸 184.75.230.133

🇺🇸 172.174.211.122

🇺🇸 166.196.75.94

🇻🇳 157.66.26.151

🇺🇸 154.92.22.13

🇸🇬 152.42.190.132

🇺🇸 146.88.240.131

🇺🇸 77.91.118.10

🇺🇸 65.49.1.14

🇺🇸 45.58.52.25

🇨🇳 36.153.189.66

🇺🇸 2001:470:1:fb5::213

🇧🇷 207.248.16.161

🇳🇱 204.76.203.219

🇧🇪 198.235.24.186

🇳🇱 195.178.110.31

🇩🇪 167.94.146.58

🇨🇳 106.13.46.38