JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.13

104.207.47.13 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.13

Whois 104.207.47.13

IP Abuse Reports for 104.207.47.13:

This IP address has been reported a total of 87 times from 18 distinct sources. 104.207.47.13 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 12:06:55 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-03-27 07:58:34 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-03-05 08:15:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:15:25.079642 2026] [security2:error] [pid 5953:tid 6043] [client 104.207.47.13:42497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/e4/ebb98184e4b985ebc03634fde751b7fc38db93"] [unique_id "aak7ne9_LUubsM0EwzyO0QAAAdM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 06:34:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 01:34:09.082090 2026] [security2:error] [pid 22839:tid 22839] [client 104.207.47.13:58571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.catholicshopper.com"] [uri "/wp-config.php"] [unique_id "aakj4aduSRiluI6iyefOHwAAABY"], referer: http://www.catholicshopper.com/wp-config.php show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-02-22 17:40:54 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 08:13:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:12:41.402872 2025] [security2:error] [pid 5275:tid 5275] [client 104.207.47.13:13161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hotspringstips.com"] [uri "/.git/HEAD"] [unique_id "aSQTeZabWiIs5ETKUXlpCAAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:45:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:45:13.312152 2025] [security2:error] [pid 21578:tid 21578] [client 104.207.47.13:36877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rimworld.com"] [uri "/.env"] [unique_id "aSP--SAYxj3y3qRWB8X4RQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:32:37 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-12 08:25:18 (7 months ago)	IM360 WAF: Infectors: Suspicious access attempt (webshell)	FTP Brute-Force Open Proxy Brute-Force
🇩🇪 ps-center	2025-10-27 08:29:06 (7 months ago)	MYH-W: TCP-Scanner. Port: 22	Port Scan
Anonymous	2025-10-17 03:02:39 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 LRob.fr	2025-10-16 03:49:28 (8 months ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-15 10:16:42 (8 months ago)	GlobalProtect login attempts with user devinolsonmedia.	VPN IP Brute-Force
Anonymous	2025-10-14 19:43:51 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 05:27:32 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.08 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 193.189.100.199

🇺🇸 45.56.111.145

🇸🇪 193.189.100.195

🇳🇱 192.42.116.97

🇳🇱 192.42.116.96

🇸🇪 192.36.109.86

🇳🇱 185.242.226.61

🇨🇳 180.76.137.24

🇺🇸 165.154.255.26

🇺🇸 66.132.186.172

🇨🇳 14.103.112.243

🇩🇪 5.231.70.98

🇮🇩 202.77.111.162

🇿🇼 197.221.232.44

🇳🇱 192.42.116.64

🇳🇱 192.42.116.62

🇷🇺 178.178.222.62

🇫🇷 91.238.181.92

🇨🇳 58.245.27.195

🇨🇳 39.154.22.20