JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.126

104.207.47.126 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.126

Whois 104.207.47.126

IP Abuse Reports for 104.207.47.126:

This IP address has been reported a total of 142 times from 22 distinct sources. 104.207.47.126 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 03:58:13 (3 weeks ago)	Brute force	Brute-Force
🇺🇸 nowyouknow	2026-04-18 02:39:01 (1 month ago)	(From [email protected]) Hi Discover Chiropractic, I’ve built and trained an AI employe ... show more (From [email protected]) Hi Discover Chiropractic, I’ve built and trained an AI employee specifically for Discover Chiropractic. It’s already been trained on 6+ hours worth of your publicly available data — your website, Google Business Profile, and more. It knows how to answer customer questions, capture leads, and even follow up — just like a team member would. This isn’t a sales call. It’s a 20-minute demo where you can actually interact with the AI employee and see what it can do. Would today or tomorrow work for a quick walkthrough? Schedule a time on my calendar to meet the agent I trained for you and see what she can do here: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇺🇸 nowyouknow	2026-03-18 08:46:54 (2 months ago)	(From [email protected]) Hello Bowerschiro Net, This is Angie Parsons from Spiegelglass Co ... show more (From [email protected]) Hello Bowerschiro Net, This is Angie Parsons from Spiegelglass Construction Company. We’re reviewing potential partners for an upcoming Q2 2026 project and wanted to check your availability and interest in receiving more details. Scope information will be shared once we confirm your interest.. Sincerely, Angie Parsons Project Manager Spiegelglass Construction Company. show less	Phishing Web Spam
🇳🇱 homeshowdomain.nl	2026-01-02 23:01:26 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-02	Hacking Web App Attack SSH
🇨🇭 blinx	2025-12-30 04:18:26 (5 months ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:27:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:27:36.658583 2025] [security2:error] [pid 13531:tid 13531] [client 104.207.47.126:47905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "latentpixel.com"] [uri "/.git/HEAD"] [unique_id "aVBPSEw-k9hsZaRPaq_pOwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:42:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:42:43.994581 2025] [security2:error] [pid 2452:tid 2452] [client 104.207.47.126:15095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gurusportz.com"] [uri "/.env"] [unique_id "aVA2sxZLMLztD_mY0FgTfQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-27 19:06:20 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 myagent.site	2025-12-27 17:17:42 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇫🇷 Thaliruth	2025-12-26 16:16:09 (5 months ago)	[26/Dec/2025:17:16:08.563508 +0100] aU60yIEJcgXK7zO4-9SuYgAAAEM 104.207.47.126 57462 127.0.0.1 7080 ... show more [26/Dec/2025:17:16:08.563508 +0100] aU60yIEJcgXK7zO4-9SuYgAAAEM 104.207.47.126 57462 127.0.0.1 7080 ... show less	Hacking
🇮🇹 VHosting	2025-12-23 11:24:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:01:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:01:14.367126 2025] [security2:error] [pid 13754:tid 13766] [client 104.207.47.126:35005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gryphix.com"] [uri "/.git/HEAD"] [unique_id "aSVGKqITODRS1uMOGv84DQAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:07:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:07:50.691250 2025] [security2:error] [pid 23192:tid 23192] [client 104.207.47.126:26637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.shepherdsgroup.com"] [uri "/.git/HEAD"] [unique_id "aSU5pqdvkarbKjbBVhhl8QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:45:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:45:16.923794 2025] [security2:error] [pid 11389:tid 11389] [client 104.207.47.126:48211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.vaerobics.com"] [uri "/.env"] [unique_id "aSU0XBmHmsI5Ih5pg19tDgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:11:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:11:15.318303 2025] [security2:error] [pid 6246:tid 6246] [client 104.207.47.126:25829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.citati.net"] [uri "/.svn/wc.db"] [unique_id "aSUsYytnPgm9Kjm6CgNYEAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.26.241.132

🇺🇸 166.149.16.62

🇺🇸 20.64.104.164

🇧🇪 198.235.24.228

🇹🇼 198.235.24.72

🇩🇪 167.99.240.181

🇺🇸 147.185.132.232

🇺🇸 104.168.1.203

🇺🇸 66.132.172.37

🇺🇸 49.51.204.105

🇳🇱 45.198.224.5

🇺🇸 207.241.173.205

🇺🇸 195.184.76.117

🇦🇷 181.116.220.140

🇺🇸 147.185.132.100

🇻🇳 103.143.207.18

🇮🇹 82.63.68.26

🇺🇸 40.90.250.163

🇩🇪 34.32.55.171

🇷🇴 2.57.122.177