JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.126.108.130

212.126.108.130 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 55%: ?

55%

ISP	Pulk Company for General Trading, Communications & Investment, Ltd.
Usage Type	Fixed Line ISP
ASN	AS39216
Domain Name	pulkcompany.com
Country	🇮🇶 Iraq
City	Erbil, Erbil

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.126.108.130

Whois 212.126.108.130

IP Abuse Reports for 212.126.108.130:

This IP address has been reported a total of 15 times from 12 distinct sources. 212.126.108.130 was first reported on October 2nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-25 13:43:19 (1 day ago)	Try to access /xmlrpc.php	Web App Attack
🇳🇱 DrLex0	2026-06-25 12:42:02 (1 day ago)	BnL003: POST attempt on xmlrpc.php, likely botnet drone 212.126.108.130 443 - [25/Jun/2026:12:42:02 ... show more BnL003: POST attempt on xmlrpc.php, likely botnet drone 212.126.108.130 443 - [25/Jun/2026:12:42:02 +0000] "POST /xmlrpc.php HTTP/1.1" 400 5412 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/60.0.0.0 Safari/537.36" show less	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇨🇭 4server	2026-06-23 14:12:18 (3 days ago)	[TueJun2316:12:14.9719742026][security2:error][pid2438530:tid2438555][client212.126.108.130:0]ModSec ... show more [TueJun2316:12:14.9719742026][security2:error][pid2438530:tid2438555][client212.126.108.130:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"gsdsagl.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajqUPuDZWRl72SX6cDU5pwAAANc\"] show less	Hacking Web App Attack
🇩🇪 4server	2026-06-21 13:07:10 (5 days ago)	[SunJun2115:07:08.8745682026][security2:error][pid222249:tid222308][client212.126.108.130:0]ModSecur ... show more [SunJun2115:07:08.8745682026][security2:error][pid222249:tid222308][client212.126.108.130:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"kvsm-blackstone.com\"][uri\"/xmlrpc.php\"][unique_id\"ajfh_L5GKNIHCYX8N_uu1AAAAQA\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 12:08:24 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 212.126.108.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 212.126.108.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:08:20.693630 2026] [security2:error] [pid 24380:tid 24380] [client 212.126.108.130:61938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intrinsicdiscovery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intrinsicdiscovery.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajfUNLmZn55EAk8nMhTqNAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-06-21 07:41:17 (5 days ago)	Fail2Ban apache-tripwires	Web App Attack
🇳🇱 wlt-blocker	2026-06-20 12:15:02 (6 days ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 interbiznw.com	2026-06-20 10:44:40 (6 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 wlt-blocker	2026-06-18 11:33:01 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇫🇷 ELYAZ	2026-06-18 06:22:20 (1 week ago)	(wordpress) Failed wordpress login from 212.126.108.130 (IQ/Iraq/-): (CF_ENABLE)	Brute-Force
🇩🇪 stinpriza	2026-06-17 10:51:15 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 10:30:03 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 212.126.108.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 212.126.108.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 06:29:56.650372 2026] [security2:error] [pid 24844:tid 24844] [client 212.126.108.130:63410] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dianamead.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dianamead.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajJ3JHakNRmFqDrfS7ZvVgAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-04-11 09:54:06 (2 months ago)	Scraping webshop URLs (www.creall.com), likely botnet drone	Bad Web Bot Exploited Host
Anonymous	2025-11-19 14:30:39 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-10-02 15:03:01 (8 months ago)	Attacks with Bad user agents	Hacking

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.178.95

🇧🇷 200.53.202.190

🇳🇱 195.178.110.217

🇭🇰 125.59.252.103

🇨🇳 120.198.138.185

🇳🇱 91.92.40.233

🇮🇪 34.240.19.183

🇺🇸 205.210.31.96

🇭🇰 199.45.154.130

🇳🇱 176.65.139.237

🇺🇸 91.230.168.201

🇹🇷 89.252.131.17

🇳🇱 45.148.10.157

🇳🇱 43.239.89.225

🇧🇷 43.157.163.155

🇬🇧 35.203.211.102

🇬🇧 8.208.10.94

🇮🇷 2.189.10.220

🇰🇷 211.62.96.42

🇳🇱 195.178.110.232