JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.46.26

104.207.46.26 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.46.26

Whois 104.207.46.26

IP Abuse Reports for 104.207.46.26:

This IP address has been reported a total of 136 times from 19 distinct sources. 104.207.46.26 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 voormedia	2026-05-13 01:21:11 (3 weeks ago)	Accessed trap at '/.env'	Web App Attack
Anonymous	2026-05-12 20:20:09 (3 weeks ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	2026-05-12 13:09:56 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
Anonymous	2026-05-11 12:06:00 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
Anonymous	2026-05-10 12:27:36 (4 weeks ago)	104.207.46.26 - - [10/May/2026:12:27:36 +0000] "GET http://owlbee.be/.env HTTP/1.1" 302 477 "-" "Moz ... show more 104.207.46.26 - - [10/May/2026:12:27:36 +0000] "GET http://owlbee.be/.env HTTP/1.1" 302 477 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-01-29 18:23:20 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:35:03 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇩🇪 stinpriza	2026-01-18 07:54:19 (4 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-06 12:54:01 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 06:10:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:10:42.342358 2025] [security2:error] [pid 4889:tid 4889] [client 104.207.46.26:13119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.genesis7.co"] [uri "/.svn/wc.db"] [unique_id "aSaZ4sBWzLGC5PDZ7-HPuwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:48:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:48:19.214011 2025] [security2:error] [pid 27654:tid 27671] [client 104.207.46.26:26989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jpdesign.us"] [uri "/.svn/wc.db"] [unique_id "aSZqcyjYFRQ4BTieiJK02QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 09:58:18 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:42:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:41:59.931384 2025] [security2:error] [pid 4316:tid 4316] [client 104.207.46.26:42363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bristar-usa.com"] [uri "/.git/HEAD"] [unique_id "aSQMR9z4FWFUgz1yQnkcDAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:53:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:53:51.144427 2025] [security2:error] [pid 26909:tid 26909] [client 104.207.46.26:11787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.evolinc.com"] [uri "/.git/HEAD"] [unique_id "aSQA_wDHR7Q8dig3eCH8eQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:45:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.46.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:45:09.835684 2025] [security2:error] [pid 12033:tid 12033] [client 104.207.46.26:56041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.dmimx.com"] [uri "/.env"] [unique_id "aSPw5SRmaDIwQbNJ27ooZwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.19

🇪🇬 197.58.174.86

🇦🇫 149.54.62.2

🇮🇳 117.198.99.18

🇸🇬 114.119.140.102

🇧🇩 103.120.202.26

🇦🇲 45.159.74.62

🇺🇸 44.48.253.176

🇺🇸 40.76.137.103

🇨🇦 34.130.172.184

🇳🇱 5.255.121.5

🇭🇰 199.45.155.73

🇺🇸 184.105.139.80

🇫🇷 178.32.238.114

🇺🇸 172.203.245.82

🇺🇸 104.23.187.191

🇹🇭 103.8.209.30

🇺🇸 91.230.168.15

🇸🇪 85.24.223.224

🇺🇸 47.251.176.101