JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.26.140

65.111.26.140 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.26.140

Whois 65.111.26.140

IP Abuse Reports for 65.111.26.140:

This IP address has been reported a total of 17 times from 13 distinct sources. 65.111.26.140 was first reported on July 3rd 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 03:06:58 (1 day ago)	Login Too Frequent (6)	Brute-Force Web App Attack
🇺🇸 bpolson	2026-06-15 17:10:05 (1 day ago)	WordPress Hacking/Scanning. (s1)	Hacking Web App Attack
🇲🇹 Malta	2026-06-15 15:27:57 (1 day ago)	65.111.26.140 - - [15/Jun/2026:17:27:57 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 65.111.26.140 - - [15/Jun/2026:17:27:57 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-06-12 02:36:49 (5 days ago)	(y4) Failed scan -byebye- from 65.111.26.140 (ES/Spain/-): (CF_ENABLE)	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:53 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 Mangelot Hosting	2025-12-20 20:09:19 (5 months ago)	(php_susp_dir) srv104 PHP in suspicious dir 65.111.26.140 (ES/Spain/-): 1 in the last 3600 secs; Por ... show more (php_susp_dir) srv104 PHP in suspicious dir 65.111.26.140 (ES/Spain/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:22:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:22:47.412813 2025] [security2:error] [pid 22546:tid 22546] [client 65.111.26.140:9737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ebolabooks.com"] [uri "/.svn/wc.db"] [unique_id "aSVZRyhzk1gqEnnQBhb3FAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 18:47:41 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/13 12:42:47	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-02 19:54:00 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:54:53	Port Scan Brute-Force Exploited Host Web App Attack
🇮🇹 Rosh	2025-10-27 01:28:59 (7 months ago)	[10/27/25 02:28:59] SSH: authentication failure	Brute-Force SSH
Anonymous	2025-10-16 11:25:05 (8 months ago)	[redacted] 65.111.26.140 - - [16/Oct/2025:13:24:45 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "M ... show more [redacted] 65.111.26.140 - - [16/Oct/2025:13:24:45 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/312.8 (KHTML, like Gecko) Safari/312.5" [redacted] 65.111.26.140 - - [16/Oct/2025:13:24:47 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 7.0; Moto C Build/NRD90M.059) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36" [redacted] 65.111.26.140 - - [16/Oct/2025:13:24:51 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 5.1.1; HUAWEI SCL-L03 Build/HuaweiSCL-L03) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36" [redacted] 65.111.26.140 - - [16/Oct/2025:13:24:51 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3" joerg-sh ... show less	Hacking Web App Attack
Anonymous	2025-10-16 10:29:26 (8 months ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-03 06:34:56 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.26.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.26.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 03 01:34:49.482064 2025] [security2:error] [pid 3075850:tid 3075850] [client 65.111.26.140:48455] [client 65.111.26.140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|21north.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "21north.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z6BjiWFH8J_UlG66QnG_3AAAACM"], referer: https://21north.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-19 19:05:33 (1 year ago)	BruteForce IMAP/POP3	Brute-Force
Anonymous	2024-07-10 00:44:09 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 115.248.8.65

🇺🇸 173.254.220.59

🇺🇸 173.239.240.163

🇩🇪 148.153.166.221

🇰🇷 144.24.90.245

🇧🇩 103.179.198.19

🇧🇬 79.124.59.78

🇺🇸 66.191.102.234

🇺🇸 44.43.118.218

🇯🇵 43.165.180.54

🇰🇷 222.116.33.50

🇰🇷 211.228.97.186

🇭🇰 203.198.129.123

🇻🇳 171.245.100.253

🇩🇪 162.55.85.218

🇺🇸 159.65.222.96

🇧🇩 157.15.134.239

🇨🇳 113.221.24.206

🇳🇱 45.148.10.141

🇧🇪 34.38.14.95