JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.158

104.207.47.158 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.158

Whois 104.207.47.158

IP Abuse Reports for 104.207.47.158:

This IP address has been reported a total of 131 times from 13 distinct sources. 104.207.47.158 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 05:19:29 (1 day ago)	Web App Attack	Web App Attack
Anonymous	2026-05-11 22:04:32 (1 month ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:51 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇷 Little Iguana	2025-12-08 15:25:20 (6 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇺🇸 TPI-Abuse	2025-12-08 08:48:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 03:48:43.462566 2025] [security2:error] [pid 12361:tid 12361] [client 104.207.47.158:57145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crossfiregold.com"] [uri "/.svn/wc.db"] [unique_id "aTaQ647OZbEtFeKq2-IN4wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:42:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:42:50.101975 2025] [security2:error] [pid 14385:tid 14385] [client 104.207.47.158:49833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wilsontribe.org"] [uri "/.svn/wc.db"] [unique_id "aTWgek6kgBO8EqExWQ63xgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:58:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:58:24.658324 2025] [security2:error] [pid 1194:tid 1194] [client 104.207.47.158:17271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sekel.org"] [uri "/.env"] [unique_id "aTWWEIjTH7xiRSWMD6tDwAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-07 04:54:14 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.svn/wc.db (Rule ID: 920440) - URL file extension is restricted by policy show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:51:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:51:03.817051 2025] [security2:error] [pid 16887:tid 16887] [client 104.207.47.158:53855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agenesis7.com"] [uri "/.env"] [unique_id "aTK5FwkFwGSnONtzkpVbCAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:46:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:46:14.427714 2025] [security2:error] [pid 22436:tid 22436] [client 104.207.47.158:36333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sagoscapes.com"] [uri "/.env"] [unique_id "aTI5ZvKHc1hUmdagLSG2vwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:22:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:22:11.996219 2025] [security2:error] [pid 796:tid 796] [client 104.207.47.158:35313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.faithlines.com"] [uri "/.git/HEAD"] [unique_id "aSQVs4bqqYs_HIpdUHJLpQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:38:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:38:29.685265 2025] [security2:error] [pid 10812:tid 10812] [client 104.207.47.158:48845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rktect.com"] [uri "/.git/HEAD"] [unique_id "aSPhRb00UHLEo9hUjMxatgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:32:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:32:09.685974 2025] [security2:error] [pid 3167:tid 3167] [client 104.207.47.158:36701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ironheadsofseo.com"] [uri "/.git/HEAD"] [unique_id "aSPRuc7kdKZICwSSfwHoFQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:50:42 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.71.144.137

🇮🇩 163.7.11.155

🇨🇳 124.174.44.175

🇨🇳 101.96.198.153

🇺🇸 92.204.138.58

🇮🇳 49.206.27.37

🇨🇳 47.114.104.125

🇳🇱 45.148.10.152

🇷🇴 2.57.122.238

🇨🇳 221.11.20.163

🇨🇳 218.21.182.228

🇩🇪 209.38.234.169

🇰🇭 202.79.29.108

🇦🇲 176.32.193.16

🇺🇸 172.200.228.35

🇺🇸 172.190.51.254

🇵🇰 156.238.86.2

🇷🇺 95.215.108.47

🇺🇸 91.193.232.116

🇻🇳 27.79.43.110