JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.197

104.207.47.197 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.197

Whois 104.207.47.197

IP Abuse Reports for 104.207.47.197:

This IP address has been reported a total of 162 times from 24 distinct sources. 104.207.47.197 was first reported on June 3rd 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-02-15 22:50:23 (4 months ago)	Kingcopy(AI-IDS):IP does Multiple AWS Environment Abuse	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:28:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:27:49.551932 2026] [security2:error] [pid 12082:tid 12082] [client 104.207.47.197:63497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/dev/.git/config"] [unique_id "aZG7xXoXxi9XOhU4tQqVsgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:50:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:50:39.209990 2026] [security2:error] [pid 21464:tid 21464] [client 104.207.47.197:19213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thugdoggsrecords.com"] [uri "/.env.production"] [unique_id "aZGzDzYkolOi1xO-zYv5rgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:50:29 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 05:19:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:19:48.517618 2026] [security2:error] [pid 461:tid 461] [client 104.207.47.197:25597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superlamb.com"] [uri "/frontend/.env"] [unique_id "aZFXdDlkiOgzDt-gnhte3gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:44:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:44:26.432182 2026] [security2:error] [pid 30178:tid 30178] [client 104.207.47.197:34489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxwetworld.com"] [uri "/backend/.env"] [unique_id "aZFPKmIl7xyyicb8U3KHjQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 04:06:06 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:20:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:19:57.309529 2026] [security2:error] [pid 5253:tid 5253] [client 104.207.47.197:45943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starrmail.net"] [uri "/admin/.env"] [unique_id "aZE7XRE7A6jaeAlo-uzMLAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:53:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:53:05.511244 2026] [security2:error] [pid 3018:tid 3018] [client 104.207.47.197:64027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nanchy.net"] [uri "/backend/.env"] [unique_id "aZE1EVVfrtSlTUz55CuF6AAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:25 (4 months ago)	104.207.47.197 - - [15/Feb/2026:03:31:25 +0100] "GET /api/.env HTTP/1.1" 301 4221 "-" "Mozilla/5.0 ( ... show more 104.207.47.197 - - [15/Feb/2026:03:31:25 +0100] "GET /api/.env HTTP/1.1" 301 4221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇬🇧 WebNiraj	2026-02-15 02:19:51 (4 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.47.197 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:949110) triggered by 104.207.47.197 (US/United States/-): 5 in the last 3600 secs [ZETA] show less	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 01:50:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:48:35.048980 2026] [security2:error] [pid 184121:tid 184207] [client 104.207.47.197:23105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soundstore.com"] [uri "/.env.production"] [unique_id "aZEl8zQWjcuk3jEODCUlJQAAAdc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:39:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:39:08.688632 2026] [security2:error] [pid 26237:tid 26237] [client 104.207.47.197:54569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ltrinc.com"] [uri "/v2/.git/config"] [unique_id "aZEVrN8ZFTKoH5i__tzYzAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:24:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:24:22.068445 2026] [security2:error] [pid 710:tid 710] [client 104.207.47.197:22147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liwlra.org"] [uri "/dev/.git/config"] [unique_id "aZEEJqd_RDDsAdp8PvOZlgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:00:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:00:27.001399 2026] [security2:error] [pid 15339:tid 15351] [client 104.207.47.197:34167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisabee.net"] [uri "/app/.env"] [unique_id "aZD-i4esDCpeL3FPBPgetAAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 144.202.82.88

🇨🇳 123.52.202.92

🇺🇸 64.62.156.163

🇦🇷 179.61.10.34

🇮🇳 122.168.194.41

🇨🇳 111.17.199.57

🇺🇸 100.49.117.77

🇩🇪 69.5.169.201

🇺🇸 66.175.213.137

🇯🇵 8.216.81.159

🇨🇦 4.206.92.183

🇷🇴 2.57.122.238

🇳🇱 91.92.40.8

🇫🇷 85.217.140.8

🇨🇦 57.134.215.133

🇳🇱 45.148.10.200

🇫🇷 146.70.194.244

🇺🇸 64.62.156.19

🇧🇷 45.205.1.76

🇳🇱 45.154.98.96