JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.46.206

104.207.46.206 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.46.206

Whois 104.207.46.206

IP Abuse Reports for 104.207.46.206:

This IP address has been reported a total of 140 times from 15 distinct sources. 104.207.46.206 was first reported on June 28th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-02-13 20:36:41 (4 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 Lino Project	2025-12-31 15:02:02 (5 months ago)	104.207.46.206 - - [31/Dec/2025:16:02:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5. ... show more 104.207.46.206 - - [31/Dec/2025:16:02:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 104.207.46.206 - - [31/Dec/2025:16:02:01 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 104.207.46.206 - - [31/Dec/2025:16:02:01 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-12-13 22:06:04 (6 months ago)	15.929 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇪🇸 10dencehispahard SL	2025-12-03 07:40:43 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-02 13:59:47 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 13:27:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 08:27:18.171214 2025] [security2:error] [pid 6630:tid 6630] [client 104.207.46.206:29801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.professional-yachting.com"] [uri "/.svn/wc.db"] [unique_id "aScANsD-sqFn7WxLE6-wNAAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:05:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:05:17.028259 2025] [security2:error] [pid 2485:tid 2485] [client 104.207.46.206:56011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thediscounttoolbox.com"] [uri "/.env"] [unique_id "aSVVLXpfsJhVnz-rLsj5UQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:21:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:21:36.187125 2025] [security2:error] [pid 839670:tid 839670] [client 104.207.46.206:50403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bestnebraskadetective.com"] [uri "/.git/HEAD"] [unique_id "aSU84ChPFLjyAHCF-KlMlQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:50:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:00.172139 2025] [security2:error] [pid 5294:tid 5294] [client 104.207.46.206:16731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.gerrytolentino.net"] [uri "/.env"] [unique_id "aSU1ePDJPrnZRHgxmDqTzwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:18:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:18:32.137258 2025] [security2:error] [pid 28445:tid 28445] [client 104.207.46.206:52271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ciptaconindotara.com"] [uri "/.git/HEAD"] [unique_id "aSUuGKfFq-NJMlArDMdxUwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:47:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:47:15.532654 2025] [security2:error] [pid 14744:tid 14744] [client 104.207.46.206:46703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.scsurfside.net"] [uri "/.env"] [unique_id "aSUmw35-E6kqfrBTfM7wJAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:47:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:47:27.241705 2025] [security2:error] [pid 31741:tid 31741] [client 104.207.46.206:25395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.coolingsprings.org"] [uri "/.svn/wc.db"] [unique_id "aSUKrzKE4L1ssjs2KD2tkwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:23:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:23:38.426425 2025] [security2:error] [pid 8981:tid 8981] [client 104.207.46.206:54839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lookinfashion.wholesalelivelobsters.com"] [uri "/.svn/wc.db"] [unique_id "aSUFGlHcwLBHH-d-Rdi52gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:27:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:27:06.274543 2025] [security2:error] [pid 24471:tid 24471] [client 104.207.46.206:51041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.supportourlibrary.org"] [uri "/.svn/wc.db"] [unique_id "aST32s6K10HlnhtfOWRk1gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:25:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:24:58.039770 2025] [security2:error] [pid 31402:tid 31402] [client 104.207.46.206:32187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.highaltitudebaking.com"] [uri "/.svn/wc.db"] [unique_id "aSQWWmAFVROFTnINoYTe-QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 180.190.165.81

🇺🇸 172.104.11.51

🇨🇲 154.70.102.114

🇨🇳 120.236.49.131

🇨🇳 115.190.165.165

🇱🇹 45.227.254.170

🇺🇸 40.77.167.32

🇮🇩 36.79.238.140

🇧🇷 205.210.31.206

🇹🇭 203.172.213.166

🇺🇸 198.11.178.150

🇺🇸 195.184.76.193

🇮🇳 182.75.197.174

🇲🇳 180.149.125.167

🇺🇸 172.239.64.155

🇺🇸 172.236.228.224

🇺🇸 162.216.149.52

🇺🇸 73.176.188.102

🇻🇳 14.176.169.144

🇺🇸 3.216.176.159