JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.146

104.207.47.146 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.146

Whois 104.207.47.146

IP Abuse Reports for 104.207.47.146:

This IP address has been reported a total of 144 times from 18 distinct sources. 104.207.47.146 was first reported on June 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-04-25 18:10:24 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-10.104.207.47.146.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-10.104.207.47.146.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-23 23:42:42 (1 month ago)	ThreatBook Intelligence: http_proxy,cdn more details on https://threatbook.io/ip/104.207.47.146 2026 ... show more ThreatBook Intelligence: http_proxy,cdn more details on https://threatbook.io/ip/104.207.47.146 2026-04-23 05:42:29 /?debug=command&expression=%23context%5b%22xwork.MethodAccessor.denyMethodExecution%22%5d%3dfalse%2c%23f%3d%23_memberAccess.getClass%28%29.getDeclaredField%28%22allowStaticMethodAccess%22%29%2c%23f.setAccessible%28true%29%2c%23f.set%28%23_memberAccess%2ctrue%29%2c%23a%[email protected]@getRuntime%28%29.exec%28%22netstat%20-an%22%29.getInputStream%28%29%2c%23b%3dnew%20java.io.InputStreamReader%28%23a%29%2c%23c%3dnew%20java.io.BufferedReader%28%23b%29%2c%23d%3dnew%20char%5b50000%5d%2c%23c.read%28%23d%29%2c%23genxor%3d%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29.getWriter%28%29%2c%23genxor.println%28%23d%29%2c%23genxor.flush%28%29%2c%23genxor.close%28%29 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-22 12:08:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 07:08:36.378006 2026] [security2:error] [pid 2412:tid 2416] [client 104.207.47.146:43217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidtung.com"] [uri "/.git/config"] [unique_id "aZrxxKXxN2z9A3ybkPi5RQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-01-31 19:20:40 (4 months ago)	Web App Attack	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 07:33:12 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-03 16:20:58 (5 months ago)	wordpress-trap	Web App Attack
🇳🇱 MM-bot	2026-01-02 17:35:09 (5 months ago)	URL-probe: HTTP/1.1 GET request on /wp-login.php (2026-01-02 18:35:09 UTC+1)	Hacking Web App Attack
🇮🇩 Burayot	2025-12-31 06:45:45 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.146 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.146 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇦🇺 oncord	2025-12-27 16:47:09 (5 months ago)	Form spam	Web Spam
🇨🇳 ThreatBook.io	2025-12-24 00:09:40 (5 months ago)	ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.47.1 ... show more ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.47.146 2025-12-23 11:21:59 /book/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
Anonymous	2025-11-28 22:58:04 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-27 21:01:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:01:03.191407 2025] [security2:error] [pid 22051:tid 22051] [client 104.207.47.146:59711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dianamead.com"] [uri "/.svn/wc.db"] [unique_id "aSi8D48xBQ1unQqoziHx_QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:14:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:14:34.501869 2025] [security2:error] [pid 1843623:tid 1843631] [client 104.207.47.146:39939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazinglips.com"] [uri "/.git/HEAD"] [unique_id "aSijGnASHyU5GUcxUiYvqQAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-19 05:07:52 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.19 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 07:50:50 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.38

🇩🇪 167.94.145.29

🇨🇳 123.245.85.116

🇨🇳 112.94.252.45

🇺🇸 104.164.173.59

🇺🇸 104.152.52.145

🇲🇾 72.60.196.169

🇯🇵 8.216.8.251

🇰🇬 212.42.122.66

🇩🇪 207.154.216.114

🇷🇴 193.46.255.86

🇧🇷 168.196.144.234

🇮🇳 165.232.182.138

🇮🇹 151.59.138.251

🇺🇸 107.170.247.81

🇮🇳 103.24.135.211

🇺🇸 65.49.1.37

🇺🇸 64.62.156.171

🇵🇰 39.59.94.0

🇮🇩 36.64.96.146