JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.202.227.12

46.202.227.12 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 4%: ?

ISP	US ISP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS394380
Domain Name	ukrtelecom.ua
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.202.227.12

Whois 46.202.227.12

IP Abuse Reports for 46.202.227.12:

This IP address has been reported a total of 6 times from 2 distinct sources. 46.202.227.12 was first reported on June 1st 2025, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bigorre.org	2026-06-17 16:42:46 (10 hours ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇫🇷 bigorre.org	2026-06-13 14:44:31 (4 days ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-16 11:52:28 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 06:52:24.390601 2026] [security2:error] [pid 20593:tid 20593] [client 46.202.227.12:56845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/web.config"] [unique_id "aWomeEkIhShTpoXb2EC0IgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:49:35 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:48:40.887818 2025] [security2:error] [pid 26090:tid 26456] [client 46.202.227.12:50589] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".kettlehill.net.key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/ftp.kettlehill.net.key"] [unique_id "aS0sOAqR0geke5MRGl4EJQAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 22:26:53 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 18:26:43.795733 2025] [security2:error] [pid 10082:tid 10082] [client 46.202.227.12:47935] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.deandobkin.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.deandobkin.com"] [uri "/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aNHNI33dgrEIymvCKk0regAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 05:51:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 46.202.227.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 01:50:57.042894 2025] [security2:error] [pid 2256137:tid 2256237] [client 46.202.227.12:57049] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/backup.sql"] [unique_id "aDvqQWQ8Dui5hvebpq97rQAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇿 212.47.132.69

🇳🇱 185.93.89.39

🇳🇱 176.65.148.132

🇷🇺 154.83.196.237

🇯🇵 152.70.86.216

🇭🇰 152.32.189.121

🇺🇸 152.32.183.31

🇰🇷 119.66.149.240

🇺🇸 64.62.197.145

🇩🇪 46.101.142.132

🇨🇴 45.167.250.45

🇳🇱 45.148.10.200

🇺🇸 217.181.76.216

🇺🇸 217.181.67.246

🇧🇷 205.210.31.231

🇮🇩 204.51.34.1

🇬🇹 190.151.130.5

🇳🇱 185.226.197.42

🇬🇧 176.126.78.131

🇯🇵 124.155.94.151