JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.26.238

65.111.26.238 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.26.238

Whois 65.111.26.238

IP Abuse Reports for 65.111.26.238:

This IP address has been reported a total of 18 times from 16 distinct sources. 65.111.26.238 was first reported on June 28th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-22 22:01:13 (8 hours ago)	wp-login attack [22/Jun/2026:08:07:44	Brute-Force Web App Attack
Anonymous	2026-06-20 15:39:29 (2 days ago)	[osotir.org] httpd-login-spray-site: sites=prostiniki.gr; logs=/var/log/httpd/domains/prostiniki.gr. ... show more [osotir.org] httpd-login-spray-site: sites=prostiniki.gr; logs=/var/log/httpd/domains/prostiniki.gr.log; samples=site_wide=true \| distinct_ips=40 \| /wp-login.php show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-19 23:04:09 (3 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.26.238 (ES/Spain/Madrid/Madrid/-/[AS2003 ... show more (mod_security) mod_security (id:900001) triggered by 65.111.26.238 (ES/Spain/Madrid/Madrid/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 20 02:04:08.885828 2026] [security2:error] [pid 2278:tid 2403] [client 65.111.26.238:20557] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: adoro.gr"] [severity "CRITICAL"] [tag "security"] [hostname "adoro.gr"] [uri "/wp-login.php"] [unique_id "ajXK6AuYeXI6iTUJgvs8IgAAAIA"], referer: https://adoro.gr/wp-login.php show less	Port Scan
🇲🇹 Malta	2026-06-01 07:59:03 (3 weeks ago)	65.111.26.238 - - [01/Jun/2026:09:59:03 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 65.111.26.238 - - [01/Jun/2026:09:59:03 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-05-31 23:36:02 (3 weeks ago)	(y4) Failed scan -byebye- from 65.111.26.238 (ES/Spain/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-05-31 00:48:31 (3 weeks ago)	Brute-force general attack.	Brute-Force
🇩🇪 FeG Deutschland	2026-05-27 04:36:28 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 pm33	2026-05-25 22:29:13 (4 weeks ago)	Wordpress login attempts	Brute-Force
🇺🇸 TPI-Abuse	2026-02-18 02:21:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.238 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:21:01.912278 2026] [security2:error] [pid 28603:tid 28603] [client 65.111.26.238:59205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renardpoche.com"] [uri "/.env.local"] [unique_id "aZUiDXQbzZPFkG-u3cIcawAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-30 07:38:09 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 12:15:03 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 mind5t0rm	2026-01-08 14:34:10 (5 months ago)	(WPLOGIN) WP Login Attack 65.111.26.238 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Tr ... show more (WPLOGIN) WP Login Attack 65.111.26.238 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 65.111.26.238 - - [08/Jan/2026:21:33:52 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/1.1" 200 2466 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 65.111.26.238 - - [08/Jan/2026:21:33:54 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/1.1" 302 5 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 65.111.26.238 - - [08/Jan/2026:21:34:07 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.zerowaterthailand.com%2Fwp-admin%2Fplugins.php&reauth=1 HTTP/1.1" 200 2471 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
Anonymous	2025-11-14 15:09:21 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 09:07:21	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-16 20:31:37 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-23 02:04:55 (1 year ago)	(imapd) Failed IMAP login from 65.111.26.238 (US/United States/-)	Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.147

🇬🇧 195.206.182.201

🇩🇪 194.88.98.93

🇲🇽 189.217.212.218

🇹🇼 114.32.253.248

🇨🇳 106.75.163.108

🇩🇪 69.5.169.204

🇩🇪 69.5.169.197

🇩🇪 69.5.169.163

🇮🇩 43.157.203.234

🇮🇳 2404:6800:4000:101d::12d

🇮🇳 2401:4900:1c72:65eb:c997:7628:f194:7c8d

🇺🇸 216.25.89.65

🇮🇹 188.216.20.194

🇦🇷 181.41.244.218

🇸🇬 172.104.52.201

🇺🇸 159.65.222.96

🇻🇳 115.73.218.47

🇳🇿 47.72.89.93

🇮🇳 2401:4900:8898:f22f:5132:16d9:f2e4:3333