JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.46.168

104.207.46.168 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.46.168

Whois 104.207.46.168

IP Abuse Reports for 104.207.46.168:

This IP address has been reported a total of 137 times from 15 distinct sources. 104.207.46.168 was first reported on June 6th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 03:39:06 (3 weeks ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-13 22:43:00 (3 weeks ago)	Brute force	Brute-Force
🇮🇹 VHosting	2025-12-23 17:00:20 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇫🇷 dynamix	2025-12-17 05:19:42 (5 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:32:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:32:51.246718 2025] [security2:error] [pid 3738123:tid 3738173] [client 104.207.46.168:16637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.coloradospringsdermatology.com"] [uri "/.git/HEAD"] [unique_id "aSbXU-deQgRNnjCL8RQhfwAAAZE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:12:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:12:02.112730 2025] [security2:error] [pid 17517:tid 17517] [client 104.207.46.168:30153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.enjoy2dance.com"] [uri "/.env"] [unique_id "aSaoQs_mehiMR4GP1elc4QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:02:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:02:10.113501 2025] [security2:error] [pid 14187:tid 14187] [client 104.207.46.168:39939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.title25.itaxcenter.com"] [uri "/.svn/wc.db"] [unique_id "aSZRkkJC9LEhF0SrzlwJ5gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 12:00:33 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 chronos	2025-11-25 01:43:19 (6 months ago)	[AUTORAVALT][[24/11/2025 - 22:43:19 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104. ... show more [AUTORAVALT][[24/11/2025 - 22:43:19 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104.207.46.168] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various oth] ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:42:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:42:44.370660 2025] [security2:error] [pid 26742:tid 26742] [client 104.207.46.168:55965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dev.jeanniemorrislaw.com"] [uri "/.git/HEAD"] [unique_id "aSQolBrF_jUJpeo6Hy01FwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:51:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:54.524514 2025] [security2:error] [pid 11161:tid 11161] [client 104.207.46.168:29911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autumn-kennedy.com"] [uri "/.git/HEAD"] [unique_id "aSQOmkfCZHamG_n7guQNAwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:22:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:22:04.002230 2025] [security2:error] [pid 19505:tid 19505] [client 104.207.46.168:42539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bogans.net"] [uri "/.env"] [unique_id "aSPrfN0XjCbfb5Gb3SsBTwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:00:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:00:09.188161 2025] [security2:error] [pid 1708:tid 1708] [client 104.207.46.168:58339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kristencorley.com"] [uri "/.svn/wc.db"] [unique_id "aSPYSaxtPC339iEOC0QKRQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-16 21:56:17 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-11 08:44:12 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 68.183.212.68

🇺🇸 67.20.76.238

🇨🇳 47.103.192.156

🇫🇷 2a01:cb11:bcc:8800:e78e:9409:731a:2f33

🇺🇸 207.241.173.124

🇮🇳 165.140.164.99

🇮🇩 157.15.40.86

🇮🇳 152.52.196.18

🇫🇷 90.84.168.147

🇺🇸 34.182.253.196

🇯🇵 8.216.8.134

🇯🇵 8.216.6.146

🇫🇮 178.20.210.152

🇺🇸 96.78.175.36

🇸🇬 47.79.204.202

🇳🇱 45.148.10.147

🇮🇪 34.254.29.173

🇨🇳 14.135.74.213

🇨🇳 14.103.83.66

🇺🇸 208.84.100.220