JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.202.138.211

46.202.138.211 was found in our database!

This IP was reported 118 times. Confidence of Abuse is 100%: ?

100%

ISP	US ISP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	ukrtelecom.ua
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.202.138.211

Whois 46.202.138.211

IP Abuse Reports for 46.202.138.211:

This IP address has been reported a total of 118 times from 48 distinct sources. 46.202.138.211 was first reported on February 27th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-08 09:34:01 (16 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇲🇽 octageeks.com	2026-06-08 04:18:57 (21 hours ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇧🇪 voormedia	2026-06-08 00:45:25 (1 day ago)	Accessed trap at '/.env'	Web App Attack
🇩🇪 todix	2026-06-07 22:58:55 (1 day ago)	WebAttack or semilar from 46.202.138.211	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 13:21:26 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:21:21.668497 2026] [security2:error] [pid 342:tid 342] [client 46.202.138.211:47622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rimworld.com"] [uri "/dev/.env"] [unique_id "aiVwUXvN2y2jOjoVxDRE7QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:50:45 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:50:38.034353 2026] [security2:error] [pid 1028:tid 1028] [client 46.202.138.211:48010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diarrheawolves.com"] [uri "/admin/.env"] [unique_id "aiU-7iQJyS3vq9UgqjxlTAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:23:58 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:23:53.775774 2026] [security2:error] [pid 19669:tid 19669] [client 46.202.138.211:25834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/member/.env"] [unique_id "aiU4qa5Pav_HsFrv4UiPOwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 08:52:30 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:52:25.696705 2026] [security2:error] [pid 19249:tid 19249] [client 46.202.138.211:58980] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sahinozalit.com"] [uri "/app/.env"] [unique_id "aiUxSfmDlkrV_46gZMoz4AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:56:09 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:56:04.183375 2026] [security2:error] [pid 20357:tid 20357] [client 46.202.138.211:32286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewaywework.com"] [uri "/core/.env"] [unique_id "aiUWBKBjgrigMobi1xtuRgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-06-07 06:15:02 (1 day ago)	ModSecurity rule 949110 triggered on server. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 agenciahypelab.com.br	2026-06-07 05:40:11 (1 day ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
Anonymous	2026-06-07 04:10:03 (1 day ago)	(caddyscan) Scanner path probe from 46.202.138.211 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: ... show more (caddyscan) Scanner path probe from 46.202.138.211 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.138.211 - - [07/Jun/2026:04:10:01 +0000] "GET /laravel/.env HTTP/1.1" [REDACTED] 200 2627 46.202.138.211 - - [07/Jun/2026:04:10:01 +0000] "GET /member/.env HTTP/1.1" [REDACTED] 200 2627 46.202.138.211 - - [07/Jun/2026:04:10:01 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 46.202.138.211 - - [07/Jun/2026:04:10:01 +0000] "GET /dev/.env HTTP/1.1" [REDACTED] 200 2627 46.202.138.211 - - [07/Jun/2026:04:10:01 +0000] "GET /admin/.env HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-07 03:38:00 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:949110) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:37:54.060249 2026] [security2:error] [pid 18397:tid 18397] [client 46.202.138.211:41342] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "armstrongenvironmental.com"] [uri "/api/.env"] [unique_id "aiTnkjcsl3uYn8SfIinsEgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 01:48:05 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 21:48:02.732215 2026] [security2:error] [pid 15228:tid 15228] [client 46.202.138.211:55540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galaxyretro.com"] [uri "/member/.env"] [unique_id "aiTN0mqySlF-MjBdTN-tKwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 01:10:10 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.138.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 21:10:07.102566 2026] [security2:error] [pid 11553:tid 11553] [client 46.202.138.211:32002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rallentarecg.com"] [uri "/admin/.env"] [unique_id "aiTE70vf9fyOzKHFw27wLAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 118 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.45

🇬🇧 193.163.125.212

🇺🇸 178.128.155.54

🇺🇸 147.185.132.75

🇮🇳 135.235.138.43

🇫🇷 89.117.49.65

🇹🇭 83.118.107.46

🇩🇪 64.226.107.125

🇺🇸 45.32.170.145

🇦🇺 34.40.183.170

🇺🇸 205.210.31.64

🇺🇸 205.210.31.45

🇮🇳 202.66.176.141

🇪🇬 197.60.228.182

🇺🇸 192.241.137.43

🇷🇺 172.69.50.170

🇧🇼 168.167.228.123

🇨🇦 168.138.90.7

🇺🇸 162.216.150.28

🇳🇮 138.97.162.163