JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.237.12

216.26.237.12 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 21%: ?

21%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.237.12

Whois 216.26.237.12

IP Abuse Reports for 216.26.237.12:

This IP address has been reported a total of 26 times from 14 distinct sources. 216.26.237.12 was first reported on September 27th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 03:13:11 (5 hours ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-17 01:42:03 (3 days ago)	Web App Attack	Web App Attack
🇩🇪 iNetWorker	2026-05-21 17:43:42 (4 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 dtorrer	2026-05-21 06:27:57 (4 weeks ago)	General vulnerability scan.	Port Scan
🇺🇸 Charlesiv	2026-05-03 06:00:52 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK ASN: 200373 (3xK Tech GmbH) P ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK ASN: 200373 (3xK Tech GmbH) Protocol: HTTP/1.1 (GET method) Endpoint: //static.cloudflareinsights.com/beacon.min.js Timestamp: 2026-05-03T04:36:37Z Ray ID: 9f5c90d67c89ab08 UA: Mozilla/5.0 (Linux; Android 8.0.0; moto e5 cruise Build/OCPS27.91-157-12) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36 show less	Bad Web Bot
Anonymous	2026-04-02 17:45:54 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-26 01:22:00 (4 months ago)	Credential stuffing	Brute-Force
🇺🇸 TPI-Abuse	2025-12-02 22:15:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:14:59.795183 2025] [security2:error] [pid 19255:tid 19255] [client 216.26.237.12:29463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neathridge.com"] [uri "/.env"] [unique_id "aS9k4zO3p5-Ea6DDNGuFaQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:48:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:48:27.230318 2025] [security2:error] [pid 970:tid 970] [client 216.26.237.12:55637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/.svn/wc.db"] [unique_id "aS6n2wpjsOUthzvQwjm4RgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:18:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:18:27.332061 2025] [security2:error] [pid 3578:tid 3578] [client 216.26.237.12:43607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayoutown.com"] [uri "/.svn/wc.db"] [unique_id "aS52ozsxRHtmSPcgUAQg0QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-02 05:07:26 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-02 04:10:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:10:19.209665 2025] [security2:error] [pid 1861387:tid 1861387] [client 216.26.237.12:40107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jefflowenstein.com"] [uri "/.git/HEAD"] [unique_id "aS5mq59X5zmeIQCgqFotqAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Steve	2025-11-13 01:45:20 (7 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇫🇮 as211431.net	2025-11-03 02:20:27 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-02 17:44:56 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:49:03	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 150.107.38.234

🇰🇷 125.130.223.207

🇺🇸 98.90.43.197

🇨🇭 89.217.231.108

🇫🇷 85.217.140.23

🇷🇺 82.208.127.171

🇮🇶 65.20.237.119

🇳🇱 45.148.10.152

🇺🇸 40.67.161.44

🇨🇳 14.18.122.98

🇮🇹 5.99.196.202

🇱🇹 188.69.225.188

🇺🇸 155.103.69.40

🇨🇳 113.226.252.172

🇮🇳 103.123.226.138

🇩🇪 95.90.249.183

🇨🇦 85.217.149.25

🇺🇸 66.132.172.117

🇫🇷 5.196.109.36

🇺🇸 162.216.149.181