JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.202.156.115

46.202.156.115 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 100%: ?

100%

ISP	US ISP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	ukrtelecom.ua
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.202.156.115

Whois 46.202.156.115

IP Abuse Reports for 46.202.156.115:

This IP address has been reported a total of 58 times from 18 distinct sources. 46.202.156.115 was first reported on May 31st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-03 20:11:43 (1 hour ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Aetherweb Ark	2026-06-03 18:59:01 (2 hours ago)	(mod_security) mod_security (id:949110) triggered by 46.202.156.115 (DE/Germany/-): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 46.202.156.115 (DE/Germany/-): N in the last X secs show less	Web App Attack
Anonymous	2026-06-03 17:20:04 (4 hours ago)	Bot / scanning and/or hacking attempts: GET /backend/.env HTTP/1.1, GET /member/.env HTTP/1.1, GET / ... show more Bot / scanning and/or hacking attempts: GET /backend/.env HTTP/1.1, GET /member/.env HTTP/1.1, GET /new/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /dev/.env HTTP/1.1, GET /core/.env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env HTTP/1.1, GET /api/.env HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-03 11:40:20 (10 hours ago)	(caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:11:40:16 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:11:40:16 +0000] "GET /new/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:11:40:16 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:11:40:16 +0000] "GET /core/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:11:40:16 +0000] "GET /app/.env HTTP/1.1" show less	Port Scan
🇫🇷 masterguru	2026-06-03 10:59:59 (10 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
Anonymous	2026-06-03 08:03:14 (13 hours ago)	(caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:08:03:10 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:08:03:10 +0000] "GET /new/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:08:03:10 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:08:03:10 +0000] "GET /member/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:08:03:10 +0000] "GET /api/.env HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 05:49:52 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:49:45.942089 2026] [security2:error] [pid 12841:tid 12841] [client 46.202.156.115:16954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwightbrown.com"] [uri "/dev/.env"] [unique_id "ah_AeYa8cgTsrB14xUDnaQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 04:49:17 (17 hours ago)	(caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 46.202.156.115 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:04:49:11 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:04:49:11 +0000] "GET /dev/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:04:49:12 +0000] "GET /member/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:04:49:12 +0000] "GET /admin/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.115 - - [03/Jun/2026:04:49:13 +0000] "GET /new/.env HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 03:44:10 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:44:06.910703 2026] [security2:error] [pid 16436:tid 16436] [client 46.202.156.115:40672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oualierealty.com"] [uri "/api/.env"] [unique_id "ah-jBpDEM5-kIBOQxHyTbwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 FireGuard Server	2026-06-03 02:30:02 (19 hours ago)	Blocked by OPNsense firewall; 27 hits, proto=tcp, ports=443	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 02:01:12 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:01:06.138864 2026] [security2:error] [pid 15197:tid 15255] [client 46.202.156.115:48082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kincers.com"] [uri "/.env"] [unique_id "ah-K4liV5W5hYJxKZb_DegAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 01:40:11 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:40:05.806140 2026] [security2:error] [pid 3218:tid 3218] [client 46.202.156.115:57010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaibeth.com"] [uri "/app/.env"] [unique_id "ah-F9S-TgJUb6zHuMa9JwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 tentwentyfour	2026-06-02 19:11:07 (1 day ago)	Blocked for probing for sensitive web application components	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 16:17:16 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 12:17:11.502623 2026] [security2:error] [pid 12084:tid 12084] [client 46.202.156.115:58670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelleysbridge.com"] [uri "/dev/.env"] [unique_id "ah8CB-MBVcmGyZoxD9POygAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 14:34:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 10:34:06.017139 2026] [security2:error] [pid 22173:tid 22173] [client 46.202.156.115:50082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vpatech.com"] [uri "/admin/.env"] [unique_id "ah7p3kBVBWXiQqWVN9MGbgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇴 192.145.168.50

🇷🇴 92.118.39.62

🇧🇬 79.124.56.238

🇺🇸 70.40.220.123

🇺🇸 68.69.177.101

🇺🇸 20.29.22.204

🇵🇹 213.205.79.49

🇨🇦 173.230.191.177

🇩🇪 164.90.178.220

🇮🇹 158.173.77.72

🇨🇳 125.106.148.102

🇺🇸 50.118.248.199

🇳🇱 45.148.10.152

🇬🇧 217.146.80.102

🇧🇷 205.210.31.214

🇺🇸 192.249.121.181

🇸🇬 165.22.52.238

🇺🇸 64.31.25.250

🇨🇳 60.24.208.248

🇺🇸 47.251.189.38