JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.46.253

104.207.46.253 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.46.253

Whois 104.207.46.253

IP Abuse Reports for 104.207.46.253:

This IP address has been reported a total of 126 times from 16 distinct sources. 104.207.46.253 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-04-01 02:33:37 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇹 VHosting	2026-02-18 22:24:30 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2025-12-24 02:05:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:10:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:05.699418 2025] [security2:error] [pid 13859:tid 13859] [client 104.207.46.253:53117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.debhill.com"] [uri "/.svn/wc.db"] [unique_id "aSVIPRdJ_iURqmHIkw-_lwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:35:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:35:16.002024 2025] [security2:error] [pid 11182:tid 11182] [client 104.207.46.253:49529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.mathewyoung.com"] [uri "/.env"] [unique_id "aSUyBBM1tUC9tPQQHq_wzwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:31:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:31:21.474351 2025] [security2:error] [pid 18515:tid 18515] [client 104.207.46.253:22467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.cromaki.com"] [uri "/.git/HEAD"] [unique_id "aSUjCXLWHbWL6G9JQPZ51gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:03:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:03:51.153623 2025] [security2:error] [pid 1647077:tid 1647111] [client 104.207.46.253:13811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.accuball.com"] [uri "/.git/HEAD"] [unique_id "aSUcl9NHCagQpGvj6qPEiwAAAkQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:22:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:22:06.402241 2025] [security2:error] [pid 5301:tid 5301] [client 104.207.46.253:40957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bigholegolf.com"] [uri "/.git/HEAD"] [unique_id "aSUSzmySVhN0Rxks7w4TVgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:03:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:03:09.116786 2025] [security2:error] [pid 28204:tid 28204] [client 104.207.46.253:29515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newsite.praemiumtech.com"] [uri "/.env"] [unique_id "aSQfTf36S7boDMFppKm2fAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:47:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:47:41.005027 2025] [security2:error] [pid 5540:tid 5540] [client 104.207.46.253:42965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.adamfogel.com"] [uri "/.git/HEAD"] [unique_id "aSPVXXnMOlqADzloGcb7vAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 14:26:23 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 23:53:54 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.46.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 18:53:49.407901 2025] [security2:error] [pid 4284:tid 4284] [client 104.207.46.253:30701] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.trademartghana.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.trademartghana.com"] [uri "/s3cmd.ini"] [unique_id "aRZvjaWeqpOHx_o5iWz2OAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-11-07 23:01:29 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇨🇦 wil.com	2025-10-14 17:48:36 (7 months ago)	GlobalProtect login attempts with user mfilus.	VPN IP Brute-Force

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇲🇦 196.92.7.249

🇬🇧 193.176.29.4

🇨🇳 115.191.79.153

🇺🇸 66.132.195.115

🇬🇧 5.226.140.98

🇷🇴 2.57.121.25

🇲🇦 196.92.7.247

🇺🇸 157.245.190.121

🇭🇰 152.32.135.217

🇺🇸 100.29.192.32

🇷🇴 89.47.53.19

🇫🇷 85.204.70.106

🇧🇷 45.71.123.226

🇨🇳 221.226.232.44

🇺🇸 191.101.33.114

🇨🇳 180.167.128.203

🇳🇱 176.65.148.215

🇺🇸 157.245.244.250

🇨🇳 116.228.233.93