JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.70.46.19

172.70.46.19 was found in our database!

This IP was reported 187 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 172.70.46.19 is an IP address from within our whitelist belonging to the subnet 172.64.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 172.70.46.19

Whois 172.70.46.19

IP Abuse Reports for 172.70.46.19:

This IP address has been reported a total of 187 times from 36 distinct sources. 172.70.46.19 was first reported on December 9th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-29 10:05:50 (1 week ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 05:26:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 172.70.46.19 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.46.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 01:26:36.097460 2026] [security2:error] [pid 7346:tid 7364] [client 172.70.46.19:14310] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.toubaomaha.com"] [uri "/.env.development.local"] [unique_id "ahPdjNpY8HEqbJ9zjKFcNgAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 07:37:47 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.70.46.19 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.46.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 03:37:37.716013 2026] [security2:error] [pid 9737:tid 9737] [client 172.70.46.19:13137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "concertosupport.com.accordionclub.org"] [uri "/.env.local"] [unique_id "aggewZRARi5t4-2CBa6XowAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mivanovs	2026-05-14 11:24:20 (3 weeks ago)	WordPress brute-force login attempt on wp-login.php.	Brute-Force Web App Attack
🇧🇷 leolemos	2026-03-26 12:31:12 (2 months ago)	[Thu Mar 26 09:31:00.279538 2026] [proxy_fcgi:error] [pid 1321627] [client 172.70.46.19:14073] AH010 ... show more [Thu Mar 26 09:31:00.279538 2026] [proxy_fcgi:error] [pid 1321627] [client 172.70.46.19:14073] AH01071: Got error 'Primary script unknown', referer: https://[redacted].[redacted]/ [Thu Mar 26 09:31:07.556188 2026] [proxy_fcgi:error] [pid 1321627] [client 172.70.46.19:14073] AH01071: Got error 'Primary script unknown', referer: https://[redacted].[redacted]/ [Thu Mar 26 09:31:09.178777 2026] [proxy_fcgi:error] [pid 1321627] [client 172.70.46.19:14073] AH01071: Got error 'Primary script unknown', referer: https://[redacted].[redacted]/ show less	Brute-Force Web App Attack
🇬🇧 pinguin	2026-02-08 18:37:38 (3 months ago)	Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 oncord	2026-02-01 11:05:40 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-01-24 21:13:32 (4 months ago)	Form spam	Web Spam
🇺🇸 thefoofighter	2026-01-06 08:41:49 (4 months ago)	[Tue Jan 06 08:41:48.158251 2026] [:error] [pid 1580310] [client 172.70.46.19:9433] [client 172.70.4 ... show more [Tue Jan 06 08:41:48.158251 2026] [:error] [pid 1580310] [client 172.70.46.19:9433] [client 172.70.46.19] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 7)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "sarahmcnally.com"] [uri "/docker/app/.env"] [unique_id "aVzKzMgkzExrYSEDDXqsUwAAAAQ"] [Tue Jan 06 08:41:48.788518 2026] [:error] [pid 1580310] [client 172.70.46.19:9433] [client 172.70.46.19] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 7)"] [severity "CRITICAL"] [ver "OWASP_CRS/ ... show less	Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-01-06 05:26:12 (4 months ago)	Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Blexyel	2025-11-23 20:10:50 (6 months ago)	172.70.46.19 - - [23/Nov/2025:21:10:50 +0100] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 ( ... show more 172.70.46.19 - - [23/Nov/2025:21:10:50 +0100] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 (Linux; Android 8.1.0; Moto G (5S) Plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36" "pingusmc.org" ... show less	Brute-Force Web App Attack
🇫🇷 dynamix	2025-10-12 03:10:45 (7 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-09-16 01:19:05 (8 months ago)	[redacted] 172.70.46.19 - - [16/Sep/2025:03:18:32 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Ap ... show more [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:32 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:36 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:38 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:41 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:44 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:47 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" [redacted] 172.70.46.19 - - [16/Sep/2025:03:18:52 +0200] "POST /xmlrpc.php HTTP/2.0" 200 178 "-" "Apache-HttpClient/4.5.2 (Jav ... show less	Hacking Web App Attack
🇯🇵 S.O.B.A. Dev.	2025-09-11 16:47:02 (8 months ago)	Persistent port scanning or vulnerability scanning	Port Scan
🇵🇱 Niko's Stuff	2025-08-19 03:53:42 (9 months ago)	[1x] Triggered application-multi,language-multi platform-multi,attack-generic \| Score: 5 \| Msg: Inbo ... show more [1x] Triggered application-multi,language-multi platform-multi,attack-generic \| Score: 5 \| Msg: Inbound Anomaly Score Exceeded (Total Score: 5) \| Uri: /backend/.git/config \| Client: 172.70.46.19 172.70.46.19 \| Hostname: nikostuff.com \| Blocked web application firewall detected attack show less	Brute-Force

Showing 1 to 15 of 187 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.199.32.174

🇨🇳 120.236.49.131

🇩🇪 8.211.39.61

🇦🇪 198.38.94.18

🇨🇳 119.249.100.109

🇨🇳 112.19.161.224

🇷🇺 87.117.39.199

🇨🇳 222.90.32.158

🇸🇬 206.189.81.2

🇭🇰 65.181.88.245

🇺🇸 64.95.14.238

🇻🇳 14.225.7.70

🇺🇸 216.73.216.159

🇺🇸 148.153.56.170

🇨🇳 120.230.20.125

🇺🇸 91.230.168.224

🇸🇪 78.73.8.212

🇳🇱 77.83.39.238

🇨🇳 58.47.120.129

🇺🇸 52.204.174.139