JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.46.218

104.207.46.218 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.46.218

Whois 104.207.46.218

IP Abuse Reports for 104.207.46.218:

This IP address has been reported a total of 150 times from 25 distinct sources. 104.207.46.218 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-05-21 19:54:50 (2 weeks ago)	(wordpress) Failed wordpress login from 104.207.46.218 (US/United States/Virginia/Ashburn/-/[redacte ... show more (wordpress) Failed wordpress login from 104.207.46.218 (US/United States/Virginia/Ashburn/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇩🇪 iNetWorker	2026-05-21 17:48:09 (2 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇳🇱 jjnxpct	2026-03-23 04:48:35 (2 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /component/content/article/de-orderbron-centrum-voor-gezondheid (Rule ID: 942540) - SQL Authentication bypass (split query) [Suspicious: '; found within ARGS:Itemid: ';] show less	Web App Attack SQL Injection Brute-Force
🇳🇱 homeshowdomain.nl	2026-02-15 22:59:29 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-15	Hacking Web App Attack SSH
🇩🇪 big-cloud.nl	2026-02-15 12:22:55 (3 months ago)	Try to access /api/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:00:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:59:59.586131 2026] [security2:error] [pid 19545:tid 19545] [client 104.207.46.218:36153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tech-servusa.com"] [uri "/new/.git/config"] [unique_id "aZG1P4NHUIjWfUtOVXpnDgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:43:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:43:35.724077 2026] [security2:error] [pid 22308:tid 22308] [client 104.207.46.218:52343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/api/.env"] [unique_id "aZGxZ_kUHDVeE5XtNtOy7AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:22:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:22:20.192751 2026] [security2:error] [pid 16167:tid 16167] [client 104.207.46.218:25565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/.env.staging"] [unique_id "aZGsbLEe9J_XLy-cusSOJwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:34:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:34:51.045266 2026] [security2:error] [pid 19808:tid 19808] [client 104.207.46.218:44845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susanleeward.com"] [uri "/api/.git/config"] [unique_id "aZFa-xPFMnlt50TOiXfp_gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-15 04:48:42 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.production (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:46:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:46:03.640855 2026] [security2:error] [pid 4744:tid 4744] [client 104.207.46.218:54697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sublimationconsultants.com"] [uri "/.env"] [unique_id "aZFPi_CEQu8urPRzHqHgYQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:57:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:56:53.410867 2026] [security2:error] [pid 19911:tid 19911] [client 104.207.46.218:10891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stinecapital.net"] [uri "/wp/.git/config"] [unique_id "aZFEBYjtwe_Efki2TZeAdwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:22:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:22:32.963124 2026] [security2:error] [pid 8725:tid 8725] [client 104.207.46.218:19215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starthreadingsalon.com"] [uri "/config/.env"] [unique_id "aZE7-HFJyWJvlpTd-7QtqAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 gadix	2026-02-15 03:06:47 (3 months ago)	[15/Feb/2026:04:06:44.633809 +0100] aZE4Qy7sAse9q18BDJgt0QAAAAA 104.207.46.218 52850 127.0.0.1 7081 ... show more [15/Feb/2026:04:06:44.633809 +0100] aZE4Qy7sAse9q18BDJgt0QAAAAA 104.207.46.218 52850 127.0.0.1 7081 [15/Feb/2026:04:06:45.808650 +0100] aZE4RfvzcWgCzVBCdyjZ4wAAAAQ 104.207.46.218 52956 127.0.0.1 7081 [15/Feb/2026:04:06:46.924836 +0100] aZE4Ru3HqZfTM5ANbzpY-QAAAAE 104.207.46.218 52972 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 myagent.site	2026-02-15 03:04:57 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.228

🇺🇸 20.127.185.37

🇻🇳 222.255.214.223

🇰🇿 193.148.60.224

🇳🇱 185.223.235.44

🇮🇶 185.166.25.150

🇺🇸 144.172.67.4

🇨🇳 117.81.107.138

🇺🇸 100.28.153.226

🇷🇴 92.118.39.62

🇳🇱 81.19.216.120

🇳🇱 64.225.69.19

🇺🇸 64.62.156.138

🇱🇺 46.151.182.201

🇧🇷 20.226.46.111

🇰🇷 220.86.28.189

🇳🇱 193.176.31.231

🇨🇳 114.138.104.31

🇨🇳 114.138.102.16

🇷🇴 92.118.39.236