JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.102

104.207.47.102 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.102

Whois 104.207.47.102

IP Abuse Reports for 104.207.47.102:

This IP address has been reported a total of 160 times from 27 distinct sources. 104.207.47.102 was first reported on June 12th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-31 14:35:05 (6 days ago)	473 requests with url.path .git/ 469 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇩🇪 Ba-Yu	2026-05-31 13:17:31 (6 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 mnsf	2026-05-31 13:05:22 (6 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 retrokitty.net	2026-05-31 12:42:42 (6 days ago)	104.207.47.102 - - [31/May/2026:12:42:41 +0000] "GET /.git/config HTTP/1.1" 503 22090 "-" "Mozilla/5 ... show more 104.207.47.102 - - [31/May/2026:12:42:41 +0000] "GET /.git/config HTTP/1.1" 503 22090 "-" "Mozilla/5.0 (Linux; Android 9; ANE-LX1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36" ... show less	Web App Attack
Anonymous	2026-05-21 07:20:02 (2 weeks ago)	suspicious request in access.log	Web App Attack
🇳🇱 wlt-blocker	2026-05-11 21:40:44 (3 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 4server	2026-04-30 03:32:14 (1 month ago)	[ThuApr3005:32:11.3013612026][security2:error][pid2445841:tid2445860][client104.207.47.102:0]ModSecu ... show more [ThuApr3005:32:11.3013612026][security2:error][pid2445841:tid2445860][client104.207.47.102:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"casacarmen.ch\"][uri\"/\"][unique_id\"afLNO8HrLv55FO8HHzgNdwAAAIg\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 20:54:04 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 16:53:56.495797 2026] [security2:error] [pid 16592:tid 16592] [client 104.207.47.102:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aslanhan.com"] [uri "/.env"] [unique_id "afJv5Pj_vMC_JV-a2HfQWQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-28 04:32:28 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.47.102 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.47.102 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-03-29 14:10:27 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.102 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.102 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇧🇪 voormedia	2026-02-26 03:44:07 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:36:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:36:36.536171 2026] [security2:error] [pid 8550:tid 8550] [client 104.207.47.102:47855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/.env"] [unique_id "aZaFRDe2LWn3OrtElGkVUQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:01:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:00:53.313622 2026] [security2:error] [pid 28466:tid 28466] [client 104.207.47.102:36625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedimoore.click"] [uri "/.env.save"] [unique_id "aZZ85QLDU3Ge-ie5am77iQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:34:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:34:45.992658 2026] [security2:error] [pid 13280:tid 13280] [client 104.207.47.102:55187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/.env.staging"] [unique_id "aZZ2xQoaLd2-xA9h0rnYAgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:45:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:45:42.993515 2026] [security2:error] [pid 15833:tid 15833] [client 104.207.47.102:10819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vycestudiojuridico.cl"] [uri "/backend/.env"] [unique_id "aZZdNhEUERKopK8mD2xt0wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.1.66.220

🇨🇳 203.83.234.180

🇸🇬 188.166.176.239

🇨🇳 180.76.225.175

🇨🇳 120.193.9.168

🇨🇳 106.63.6.210

🇺🇸 66.132.195.121

🇳🇱 45.148.10.240

🇬🇧 45.82.76.122

🇨🇳 14.103.116.173

🇹🇼 220.129.128.40

🇺🇸 205.210.31.67

🇵🇰 203.124.44.231

🇲🇾 202.165.15.132

🇳🇨 202.22.134.110

🇲🇽 200.77.172.159

🇨🇳 182.138.158.108

🇳🇱 176.65.139.151

🇺🇸 162.216.149.78

🇮🇳 122.186.165.38