JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.26.237.52

216.26.237.52 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.26.237.52

Whois 216.26.237.52

IP Abuse Reports for 216.26.237.52:

This IP address has been reported a total of 36 times from 22 distinct sources. 216.26.237.52 was first reported on September 27th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-05-28 02:45:14 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-05-28 01:45:08 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇳🇿 Antinson	2026-05-25 07:36:48 (1 week ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇧🇪 cmbplf	2026-05-25 03:25:51 (1 week ago)	1.001 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇪🇸 librebit	2026-05-17 04:34:13 (2 weeks ago)	Brute force	Brute-Force
🇩🇪 Ad Ministrator	2026-04-23 22:30:02 (1 month ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
Anonymous	2026-04-23 22:16:45 (1 month ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇳🇱 BlueWire Hosting	2026-01-13 06:29:53 (4 months ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:57:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:57:27.762922 2025] [security2:error] [pid 23821:tid 23821] [client 216.26.237.52:42641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.friendlyfarm4fun.com"] [uri "/.git/HEAD"] [unique_id "aSU3N5tRutMQfD6g4IMztQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 04:30:52 (6 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 04:17:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:17:00.553950 2025] [security2:error] [pid 26048:tid 26048] [client 216.26.237.52:44515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.deborbon.me"] [uri "/.git/HEAD"] [unique_id "aSUtvAqJO7t5Uwfnwg3XwwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:07:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:06:50.996424 2025] [security2:error] [pid 28336:tid 28336] [client 216.26.237.52:32563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rannals.com"] [uri "/.env"] [unique_id "aSUdSvNgQCWt_oGYIfGyOAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:41:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:41:49.937792 2025] [security2:error] [pid 15101:tid 15121] [client 216.26.237.52:52337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.andestravel.net"] [uri "/.git/HEAD"] [unique_id "aSUXbaNKS2jdjfTVKRdTcgAAARE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:53:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.26.237.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:51:56.409202 2025] [security2:error] [pid 2941:tid 2941] [client 216.26.237.52:32581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.earlyeditionsbooks.com"] [uri "/.svn/wc.db"] [unique_id "aST9rAaXv56w5HLOC3Q4PAAAADM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 09:35:02 (6 months ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.221.22.74

🇨🇳 180.169.100.182

🇩🇪 87.106.255.77

🇭🇰 42.200.78.166

🇨🇳 36.153.164.122

🇨🇳 139.196.220.240

🇨🇳 121.11.96.13

🇧🇷 45.205.1.247

🇦🇪 20.203.42.204

🇹🇷 212.64.216.142

🇰🇷 211.252.42.171

🇳🇱 176.65.148.215

🇮🇳 103.86.180.10

🇱🇹 81.30.98.144

🇺🇸 67.207.84.8

🇭🇰 20.239.192.136

🇸🇬 15.235.166.18

🇧🇪 198.235.24.216

🇺🇸 192.227.229.70

🇧🇷 152.67.46.203