JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.130

104.207.47.130 was found in our database!

This IP was reported 187 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.130

Whois 104.207.47.130

IP Abuse Reports for 104.207.47.130:

This IP address has been reported a total of 187 times from 29 distinct sources. 104.207.47.130 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-15 12:35:21 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-15 12:34:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:34:10.822045 2026] [security2:error] [pid 786850:tid 786853] [client 104.207.47.130:31795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "quetzalcoatl2012.net"] [uri "/frontend/.env"] [unique_id "aZG9Qul4D30lxioNoxLmOgAAAME"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:30:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:30:36.502486 2026] [security2:error] [pid 20172:tid 20172] [client 104.207.47.130:63977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozarkshousing.com"] [uri "/admin/.git/config"] [unique_id "aZGuXGaP8UUxGJtAv6r2ngAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:02:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:02:37.339868 2026] [security2:error] [pid 12209:tid 12209] [client 104.207.47.130:49881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seatbeltstatistics.org"] [uri "/backend/.env"] [unique_id "aZFvjXsi2Qn0JRlW7u3rCQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:20:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:20:28.646174 2026] [security2:error] [pid 25249:tid 25249] [client 104.207.47.130:21263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlineteacher.info"] [uri "/new/.git/config"] [unique_id "aZFlrJZW3H0adBImOpMTzwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 06:01:48 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.130 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.130 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:58:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:58:22.685938 2026] [security2:error] [pid 28203:tid 28203] [client 104.207.47.130:61977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omnithermal.com"] [uri "/config/.env"] [unique_id "aZFgfjtT4dr29mq9Z-YjfwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:24 (4 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:17:20 (4 months ago)	Try to access /.env	Web App Attack
🇺🇸 OceanTreasure	2026-02-15 05:15:34 (4 months ago)	tcp/443; Git configuration exposure attempt: "GET /api/.git/config" @ 2026-02-15T05:06:07Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:12:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:12:09.167376 2026] [security2:error] [pid 10935:tid 10935] [client 104.207.47.130:50475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "odessatexas.us"] [uri "/api/.git/config"] [unique_id "aZFVqbgldt3aqp9FOAzUhQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:48:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:48:29.796475 2026] [security2:error] [pid 9763:tid 9763] [client 104.207.47.130:51627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanvayu.com"] [uri "/.env.staging"] [unique_id "aZFQHV8ql0Ou5ytGfmYNjgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:28.745563 2026] [security2:error] [pid 14709:tid 14709] [client 104.207.47.130:56829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powdercoatovens.net"] [uri "/api/.git/config"] [unique_id "aZFGREE5z9QTdrdW0CJ_TAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:42:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:42:04.350037 2026] [security2:error] [pid 1269975:tid 1269975] [client 104.207.47.130:46081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailorbandido.com"] [uri "/app/.git/config"] [unique_id "aZFAjOaxHMLw2wrUo4P_CQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:13:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:13:36.934062 2026] [security2:error] [pid 11764:tid 11764] [client 104.207.47.130:11907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sabbathseminars.net"] [uri "/frontend/.env"] [unique_id "aZE54A5ExYrK8KWVPhxIqAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 187 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.247.137.47

🇧🇩 103.205.134.74

🇩🇪 64.89.163.93

🇺🇸 52.180.136.250

🇦🇷 45.229.205.242

🇧🇪 34.52.236.5

🇺🇸 2604:a880:400:d1:0:4:9638:e001

🇺🇸 216.180.246.226

🇺🇸 216.73.161.215

🇪🇨 200.24.152.212

🇬🇧 193.163.125.253

🇻🇪 190.142.97.50

🇸🇬 188.241.80.140

🇭🇰 152.32.172.177

🇮🇶 151.244.144.85

🇨🇳 115.190.44.249

🇸🇬 101.47.8.188

🇺🇸 100.29.192.34

🇸🇬 94.231.206.131

🇨🇳 81.70.217.247