JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.203.195.121

46.203.195.121 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	US ISP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	ukrtelecom.ua
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.203.195.121

Whois 46.203.195.121

IP Abuse Reports for 46.203.195.121:

This IP address has been reported a total of 7 times from 4 distinct sources. 46.203.195.121 was first reported on January 26th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 18:20:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 13:19:54.526895 2026] [security2:error] [pid 14202:tid 14202] [client 46.203.195.121:59401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/images../.git/config"] [unique_id "aWvSysgMX-vv0gov1sspzQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:50:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:50:31.113438 2025] [security2:error] [pid 30292:tid 30596] [client 46.203.195.121:55745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.net"] [uri "/events../.git/config"] [unique_id "aVK_Z4Gwzh_8AlcRvOiGHAAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:35:51 (7 months ago)	Bash Remote Code Execution Vulnerability , PTR: PTR record not found	Hacking
🇺🇸 TPI-Abuse	2025-07-27 00:51:38 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:51:32.309420 2025] [security2:error] [pid 404372:tid 404543] [client 46.203.195.121:37011] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|ftp.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/test.cgi"] [unique_id "aIV4FBTdKN3sxMPXSjT3dgAAARA"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:24:01 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 46.203.195.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:23:53.890503 2025] [security2:error] [pid 3746112:tid 3746112] [client 46.203.195.121:58823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/.env.stage"] [unique_id "aDjsiSnhkyX_OCHyM8z73AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-25 08:24:59 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-01-26 03:50:20 (1 year ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 223.25.108.2

🇨🇳 113.221.15.134

🇲🇾 49.124.151.55

🇯🇵 43.165.180.54

🇭🇰 23.91.97.170

🇮🇪 4.210.91.174

🇰🇷 222.239.251.12

🇩🇪 213.209.159.56

🇷🇺 213.135.157.127

🇪🇸 172.110.219.251

🇻🇳 171.231.198.145

🇺🇸 162.216.149.23

🇸🇩 154.100.2.240

🇨🇳 120.48.199.28

🇺🇸 66.240.205.34

🇫🇷 51.68.107.142

🇺🇸 40.124.173.168

🇷🇴 2.57.121.25

🇳🇱 204.76.203.79

🇺🇸 172.202.104.157