JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.241.138

216.26.241.138 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 51%: ?

51%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.241.138

Whois 216.26.241.138

IP Abuse Reports for 216.26.241.138:

This IP address has been reported a total of 20 times from 13 distinct sources. 216.26.241.138 was first reported on October 16th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-17 16:26:10 (6 hours ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-17 02:17:35 (20 hours ago)	216.26.241.138 - - [17/Jun/2026:04:17:35 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 216.26.241.138 - - [17/Jun/2026:04:17:35 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 poundawebsiteltd	2026-06-16 17:14:36 (1 day ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.241.138 - - [16/Jun/2026:18:14:31 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 216.26.241.138 - - [16/Jun/2026:18:14:31 +0100] POST /wp-login.php HTTP/1.1 200 7361 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-15 20:12:30 (2 days ago)	(y4) Failed scan -byebye- from 216.26.241.138 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-06-11 18:11:09 (6 days ago)	Brute-force general attack.	Brute-Force
🇷🇴 ICT	2026-06-11 16:50:28 (6 days ago)	Jun 11 19:50:10 wordpress wordpress(ro-openscreen.ro)[13975]: Authentication attempt for unknown use ... show more Jun 11 19:50:10 wordpress wordpress(ro-openscreen.ro)[13975]: Authentication attempt for unknown user [email protected] from 216.26.241.138 Jun 11 19:50:13 wordpress wordpress(ro-openscreen.ro)[13973]: Authentication attempt for unknown user wadminw from 216.26.241.138 Jun 11 19:50:27 wordpress wordpress(ro-openscreen.ro)[13974]: Authentication attempt for unknown user wp-user from 216.26.241.138 ... show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-11 00:09:29 (6 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇱🇻 garmtech.com	2026-06-10 21:12:34 (1 week ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇺🇸 CMT	2026-04-27 15:02:00 (1 month ago)	Trying to log into wordpress admin with depreciated creds.	Web App Attack Hacking
🇱🇻 garmtech.com	2026-02-28 20:04:13 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-12-02 16:42:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:42:28.880861 2025] [security2:error] [pid 16158:tid 16158] [client 216.26.241.138:53897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abeltours.com"] [uri "/.git/HEAD"] [unique_id "aS8W9KvjBGrK1YJl36etqQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:24:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:24:08.370437 2025] [security2:error] [pid 15838:tid 15838] [client 216.26.241.138:35777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samplemaker.com"] [uri "/.git/HEAD"] [unique_id "aS6iKPoYCpgX32esogWL2QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:52:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:52:25.486206 2025] [security2:error] [pid 25407:tid 25407] [client 216.26.241.138:40409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ndanou.com"] [uri "/.svn/wc.db"] [unique_id "aS5-mTKWVt_6VpQM2tfSfAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:17:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.26.241.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:16:55.126814 2025] [security2:error] [pid 3001:tid 3001] [client 216.26.241.138:35493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "purplebikinis.com"] [uri "/.git/HEAD"] [unique_id "aS5oN5V6nVDsyVCCYcBdygAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-02 00:56:47 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 193.189.100.199

🇺🇸 45.56.111.145

🇸🇪 193.189.100.195

🇳🇱 192.42.116.97

🇳🇱 192.42.116.96

🇸🇪 192.36.109.86

🇳🇱 185.242.226.61

🇨🇳 180.76.137.24

🇺🇸 165.154.255.26

🇺🇸 66.132.186.172

🇨🇳 14.103.112.243

🇩🇪 5.231.70.98

🇮🇩 202.77.111.162

🇿🇼 197.221.232.44

🇳🇱 192.42.116.64

🇳🇱 192.42.116.62

🇷🇺 178.178.222.62

🇫🇷 91.238.181.92

🇨🇳 58.245.27.195

🇨🇳 39.154.22.20