JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.26.240

65.111.26.240 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 34%: ?

34%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.26.240

Whois 65.111.26.240

IP Abuse Reports for 65.111.26.240:

This IP address has been reported a total of 28 times from 16 distinct sources. 65.111.26.240 was first reported on June 27th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-29 01:33:52 (10 hours ago)	(y4) Failed scan -byebye- from 65.111.26.240 (ES/Spain/-): (CF_ENABLE)	Hacking
🇫🇷 tecnicorioja	2026-06-28 22:01:33 (13 hours ago)	wp-login attack [28/Jun/2026:07:34:51	Brute-Force Web App Attack
🇫🇷 pm33	2026-06-24 08:02:10 (5 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-23 22:41:03 (5 days ago)	(y4) Failed scan -byebye- from 65.111.26.240 (ES/Spain/-): (CF_ENABLE)	Hacking
🇬🇧 poundawebsiteltd	2026-06-22 23:15:21 (6 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.26.240 - - [23/Jun/2026:00:15:15 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.26.240 - - [23/Jun/2026:00:15:15 +0100] POST /wp-login.php HTTP/1.1 200 7360 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-20 19:00:59 (1 week ago)	(y4) Failed scan -byebye- from 65.111.26.240 (ES/Spain/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-20 01:19:43 (1 week ago)	Web attack blocked by Wordfence on vestingstadvalkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
Anonymous	2026-01-31 05:07:22 (4 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇪🇸 10dencehispahard SL	2026-01-26 12:15:06 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 Psycho Solutions LLC	2026-01-07 03:29:08 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 1/7/2026 3:29 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-01-02 06:53:20 (5 months ago)	/wordpress/kickstart.php	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:46:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:46:42.875082 2025] [security2:error] [pid 4063:tid 4063] [client 65.111.26.240:46413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10mostwantedfugitives.com"] [uri "/.svn/wc.db"] [unique_id "aVI_8lzd91GgKn9cqypI6wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:35:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:35:54.430298 2025] [security2:error] [pid 22864:tid 22864] [client 65.111.26.240:17819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owldreamllc.com"] [uri "/.env"] [unique_id "aVIhSlRi6zTxITjn_wFkZwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:16:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:16:30.869753 2025] [security2:error] [pid 2566013:tid 2566035] [client 65.111.26.240:43985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accreditedprojectmanager.com"] [uri "/.git/HEAD"] [unique_id "aVIcvppwqS-pohtV-2w9ZQAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:46:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.26.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:46:29.313713 2025] [security2:error] [pid 19965:tid 19965] [client 65.111.26.240:35803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buildpower.com"] [uri "/.env"] [unique_id "aVIVtbT9BuSpa8uOuC57rQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.195.61.182

🇺🇸 43.153.99.170

🇺🇸 20.127.185.37

🇨🇴 186.146.235.58

🇨🇭 172.161.72.4

🇳🇱 144.31.203.90

🇮🇹 93.35.202.218

🇩🇪 87.106.42.210

🇹🇼 59.126.224.134

🇵🇭 58.69.177.3

🇦🇷 186.122.177.140

🇫🇷 159.26.112.11

🇵🇭 157.119.68.106

🇨🇳 125.39.93.73

🇧🇩 115.127.149.226

🇮🇩 103.99.214.16

🇺🇸 91.230.168.4

🇰🇷 61.43.121.132

🇨🇭 51.107.68.88

🇺🇸 50.78.25.138