JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.111

104.207.47.111 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.111

Whois 104.207.47.111

IP Abuse Reports for 104.207.47.111:

This IP address has been reported a total of 137 times from 18 distinct sources. 104.207.47.111 was first reported on June 11th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-21 11:36:38 (4 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇮🇹 [email protected]	2026-04-18 08:41:50 (2 months ago)	[Sat Apr 18 10:41:50.293953 2026] [authz_core:error] [pid 560720:tid 560748] [remote 104.207.47.111: ... show more [Sat Apr 18 10:41:50.293953 2026] [authz_core:error] [pid 560720:tid 560748] [remote 104.207.47.111:39495] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:14:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:14:47.555482 2025] [security2:error] [pid 24035:tid 24035] [client 104.207.47.111:23251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibiocat.com"] [uri "/.git/HEAD"] [unique_id "aS9y58HR-1TErd8T1SL3RQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:03:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:03:39.114226 2025] [security2:error] [pid 22688:tid 22688] [client 104.207.47.111:32359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "halblog.com"] [uri "/.svn/wc.db"] [unique_id "aS9GG35laY9Dzr09UqDh6QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 16:34:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:34:14.991292 2025] [security2:error] [pid 32190:tid 32190] [client 104.207.47.111:39259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lesdaniels.com"] [uri "/.git/HEAD"] [unique_id "aS8VBsNoNiSo32bub36jcwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:46:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:46:23.091908 2025] [security2:error] [pid 26207:tid 26207] [client 104.207.47.111:38195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bnaiisraelkearny.com"] [uri "/.svn/wc.db"] [unique_id "aS8Jz1FUCMGjRAJv9fIjRgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:41:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:41:21.823251 2025] [security2:error] [pid 4660:tid 4686] [client 104.207.47.111:58073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "delapiazza.com"] [uri "/.env"] [unique_id "aS7ecU6M3RhR5_FEjlW4bgAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:11.375400 2025] [security2:error] [pid 22507:tid 22507] [client 104.207.47.111:9617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partyquilt.com"] [uri "/.env"] [unique_id "aS6bIyp4t8peDL-E5dgxmwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:01:32.349465 2025] [security2:error] [pid 30689:tid 30689] [client 104.207.47.111:36539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "automatebi.com"] [uri "/.svn/wc.db"] [unique_id "aS5yrISPvZQiJr2DNNghKwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:32:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:32:15.096695 2025] [security2:error] [pid 31538:tid 31538] [client 104.207.47.111:28265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ditchthediaper.com"] [uri "/.svn/wc.db"] [unique_id "aSQmHzXdUMTF1HlkA3xltAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2025-11-24 09:22:04 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:31:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:31:51.154515 2025] [security2:error] [pid 17354:tid 17354] [client 104.207.47.111:48523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ferareta.com.ar"] [uri "/.git/HEAD"] [unique_id "aSP71wvveUyd2LujTB5SugAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:15:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:15:03.811669 2025] [security2:error] [pid 3394659:tid 3394659] [client 104.207.47.111:54735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sternscape.com"] [uri "/.env"] [unique_id "aSP35-PG3COS8U2nyb6xTwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:28:16 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 nowyouknow	2025-11-03 15:38:17 (7 months ago)	(From [email protected]) Supercharge mainfamilychiro.com SEO standings, grow your search visibi ... show more (From [email protected]) Supercharge mainfamilychiro.com SEO standings, grow your search visibility and build powerful backlinks! BonusBacklinks.com - we build daily backlinks and bring website clicks to your website EVERY DAY: + Use 85% OFF + Quality daily backlinks + Organic website traffic + Prices cheap as $1 + Bonus discount codes http://tiny.cc/bonusbacklinks-85sale BonusBacklinks.com - daily seo backlinks and organic clicks to increase your webpage every day show less	Phishing Web Spam

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.94.214.149

🇨🇳 182.151.41.228

🇨🇳 120.193.9.168

🇨🇦 85.217.149.36

🇲🇦 81.192.46.45

🇮🇶 65.20.251.41

🇸🇬 47.236.121.106

🇳🇱 45.148.10.121

🇮🇩 43.243.142.42

🇫🇷 213.136.86.224

🇺🇸 162.216.150.152

🇨🇳 125.89.210.169

🇻🇳 103.77.215.165

🇪🇸 80.102.218.187

🇪🇬 197.56.12.185

🇯🇵 157.101.164.69

🇩🇪 88.214.26.142

🇺🇸 50.116.72.11

🇨🇭 20.250.145.94

🇨🇳 14.103.21.179