JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.202.156.242

46.202.156.242 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	US ISP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	ukrtelecom.ua
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.202.156.242

Whois 46.202.156.242

IP Abuse Reports for 46.202.156.242:

This IP address has been reported a total of 27 times from 22 distinct sources. 46.202.156.242 was first reported on June 7th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-08 07:04:43 (6 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇩🇪 ghostwarriors	2026-06-08 00:50:07 (6 days ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
🇷🇺 DZBOT	2026-06-07 23:36:08 (6 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-06-07 21:55:19 (6 days ago)	2026/06/07 21:55:17 [error] 4432#4432: 7233 [client 46.202.156.242] ModSecurity: Access denied with ... show more 2026/06/07 21:55:17 [error] 4432#4432: 7233 [client 46.202.156.242] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "justabhospital.org"] [uri "/core/.env.save"] [unique_id "178086931719.256511"] [ref ""], client: 46.202.156.242, server: srv.ingeltechgh.com, request: "GET /core/.env.save HTTP/1.1", host: "justabhospital.org" 2026/06/07 21:55:17 [error] 4391#4391: *7236 [client 46.202.156.242] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/loca ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 21:12:08 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:12:01.971880 2026] [security2:error] [pid 524:tid 524] [client 46.202.156.242:38078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerallenyim.com"] [uri "/laravel/.env"] [unique_id "aiXeoSSCc3X2YyIzhA5ZcQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-06-07 21:11:39 (6 days ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇳🇱 Savvii	2026-06-07 20:53:47 (1 week ago)	20 attempts against mh_ha-misbehave-ban on space	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 20:40:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 46.202.156.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.202.156.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:40:30.679735 2026] [security2:error] [pid 23217:tid 23217] [client 46.202.156.242:47250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thescarfcompany.com"] [uri "/admin/.env"] [unique_id "aiXXPtP8GyHkaStpm3GWcAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-07 20:26:28 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇩🇪 Petros Stefanakis	2026-06-07 20:10:52 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 46.202.156.242 (DE/Germany/-)	SQL Injection
🇫🇷 masterguru	2026-06-07 18:36:11 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
Anonymous	2026-06-07 18:35:03 (1 week ago)	(caddyscan) Scanner path probe from 46.202.156.242 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 46.202.156.242 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.156.242 - - [07/Jun/2026:18:34:59 +0000] "GET /.env.save HTTP/1.1" [REDACTED] 200 2627 46.202.156.242 - - [07/Jun/2026:18:34:59 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.242 - - [07/Jun/2026:18:34:59 +0000] "GET /laravel/.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.242 - - [07/Jun/2026:18:34:59 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 46.202.156.242 - - [07/Jun/2026:18:34:59 +0000] "GET /api/.env HTTP/1.1" show less	Port Scan
🇳🇱 ConsulHosting	2026-06-07 18:05:56 (1 week ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
Anonymous	2026-06-07 17:30:01 (1 week ago)	suspicious request in access.log	Web App Attack
🇨🇭 Origon	2026-06-07 16:28:58 (1 week ago)	http-sensitive-files - IP: 46.202.156.242 - time="2026-06-07T18:28:57+02:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 46.202.156.242 - time="2026-06-07T18:28:57+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 46.202.156.242 (DE/47583) : 4h ban on Ip 46.202.156.242" module=db show less	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.133

🇰🇪 154.159.237.144

🇦🇴 154.116.254.157

🇺🇸 146.70.187.161

🇨🇳 122.114.113.177

🇯🇵 43.167.215.253

🇧🇪 34.38.18.227

🇩🇰 185.245.84.59

🇮🇶 185.166.25.150

🇺🇸 172.253.240.55

🇳🇬 165.154.176.251

🇦🇺 103.91.194.47

🇨🇦 85.217.149.9

🇬🇧 81.77.148.151

🇨🇳 47.110.137.139

🇱🇹 45.227.254.130

🇳🇱 45.66.35.26

🇨🇳 39.129.119.45

🇻🇳 14.225.46.21

🇺🇸 172.183.94.161