JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.230.64

216.26.230.64 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 41%: ?

41%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.230.64

Whois 216.26.230.64

IP Abuse Reports for 216.26.230.64:

This IP address has been reported a total of 40 times from 19 distinct sources. 216.26.230.64 was first reported on September 30th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-26 04:14:44 (1 day ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-25 11:37:31 (2 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.230.64 - - [25/Jun/2026:12:37:26 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.230.64 - - [25/Jun/2026:12:37:26 +0100] POST /wp-login.php HTTP/1.1 200 7260 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:120.0) Gecko/20100101 Firefox/120.0 show less	Web App Attack
🇱🇻 garmtech.com	2026-06-24 23:10:32 (3 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇲🇹 Malta	2026-06-24 16:10:45 (3 days ago)	216.26.230.64 - - [24/Jun/2026:18:10:44 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 216.26.230.64 - - [24/Jun/2026:18:10:44 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇫🇷 tecnicorioja	2026-06-23 22:00:58 (4 days ago)	wp-login attack [23/Jun/2026:17:30:13	Brute-Force Web App Attack
🇲🇽 octageeks.com	2026-06-18 04:23:28 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 tecnicorioja	2026-06-13 22:01:04 (2 weeks ago)	wp-login attack [13/Jun/2026:03:25:51	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-13 05:34:26 (2 weeks ago)	(mod_security) mod_security (id:900001) triggered by 216.26.230.64: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 216.26.230.64: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 08:34:21.068374 2026] [security2:error] [pid 568462:tid 568595] [client 216.26.230.64:18053] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: ions.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ions.gr"] [uri "/wp-login.php"] [unique_id "aizr3X3MZME_v5maSVSgzAAAAUk"], referer: https://ions.gr/wp-login.php show less	Port Scan
🇬🇧 PeravixGroup	2026-05-10 10:36:02 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 mnsf	2026-02-16 02:05:55 (4 months ago)	Scanning/Probing (17)	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:46 (4 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 moppetto	2026-02-15 12:12:00 (4 months ago)	.git/config credential scraping; GET /.git/config	Bad Web Bot
🇺🇸 myagent.site	2026-02-15 06:30:35 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇺🇸 mnsf	2026-02-15 01:05:49 (4 months ago)	Scanning/Probing (17)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:22:21 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.230.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.230.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:22:16.461325 2025] [security2:error] [pid 31286:tid 31286] [client 216.26.230.64:43623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.media1069.com"] [uri "/.svn/wc.db"] [unique_id "aSQVuDrOgvAy_faH5HKTWwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.132

🇺🇸 136.144.35.138

🇨🇳 202.194.98.228

🇬🇧 185.216.145.163

🇺🇸 172.64.217.218

🇺🇸 172.64.217.182

🇺🇸 172.64.217.37

🇺🇸 172.64.217.36

🇺🇸 162.216.149.152

🇺🇸 162.216.149.116

🇺🇸 151.246.221.249

🇺🇸 148.153.245.161

🇮🇱 147.234.96.149

🇸🇬 146.174.188.107

🇰🇷 61.80.247.39

🇳🇱 45.148.10.151

🇺🇸 45.63.4.69

🇨🇭 35.216.172.131

🇺🇸 34.172.97.49

🇸🇦 5.163.165.14