JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.216

104.207.47.216 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.216

Whois 104.207.47.216

IP Abuse Reports for 104.207.47.216:

This IP address has been reported a total of 135 times from 18 distinct sources. 104.207.47.216 was first reported on June 6th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-24 20:47:34 (1 week ago)	1.816 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
Anonymous	2026-05-03 08:18:29 (1 month ago)	Forum/form spam	Web Spam
Anonymous	2026-03-29 16:35:30 (2 months ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-03-04 02:44:27 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 windowsforum	2026-02-23 23:56:34 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=ShayneJanz	Web Spam Bad Web Bot
🇱🇻 garmtech.com	2026-02-08 23:14:54 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-02 23:02:02 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-02	Hacking Web App Attack SSH
🇧🇷 Sipo Chutão	2025-12-31 03:00:01 (5 months ago)	/.git/HEAD	Hacking
🇩🇪 bontekoe.technology	2025-12-28 16:00:30 (5 months ago)	Port scan or Brute-Force detected. (src_port=45779, dst_port=80)	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 08:13:05 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:13:01.288980 2025] [security2:error] [pid 15395:tid 15395] [client 104.207.47.216:16553] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.quickwink.quickasawink.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.quickwink.quickasawink.org"] [uri "/.svn/wc.db"] [unique_id "aSa2jQGTLqlnWNhF9jryhwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:55:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:55:52.125441 2025] [security2:error] [pid 28453:tid 28453] [client 104.207.47.216:42671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.golflavahotsprings.com"] [uri "/.env"] [unique_id "aSaWaIrNmC4ZaV-OeaOtSgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:46:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:46:39.022477 2025] [security2:error] [pid 1985780:tid 1985786] [client 104.207.47.216:14169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thecraftsycat.com"] [uri "/.git/HEAD"] [unique_id "aSVQz15Zk8HeGmNZSaI15QAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:28:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:28:45.184511 2025] [security2:error] [pid 7683:tid 7683] [client 104.207.47.216:16153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bridalshowerinvitationsonline.com"] [uri "/.env"] [unique_id "aSUibRBSeRhwiIeb8GS-EgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:41:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:40:57.068261 2025] [security2:error] [pid 11587:tid 11587] [client 104.207.47.216:33897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rentaroller.com.au"] [uri "/.env"] [unique_id "aSQMCfEEi_lsYOfgZo2hzgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:22:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:22:51.833178 2025] [security2:error] [pid 7933:tid 7933] [client 104.207.47.216:11169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artocratic.com"] [uri "/.git/HEAD"] [unique_id "aSQHy9xUV1mlN30zgGw84AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 2620:171:66:f004:9999::245

🇩🇪 185.242.3.226

🇴🇲 161.8.80.21

🇧🇷 45.205.1.242

🇺🇸 38.141.62.160

🇩🇪 13.140.129.227

🇺🇸 2602:80d:1008::96

🇺🇸 198.147.26.226

🇺🇸 162.216.149.193

🇭🇰 152.32.226.205

🇱🇧 109.110.101.245

🇵🇰 39.34.147.137

🇩🇪 35.159.111.126

🇺🇸 20.12.240.178

🇫🇷 2a02:4780:27:2158:0:1231:cb51:1

🇺🇸 216.132.133.26

🇺🇸 165.154.206.204

🇬🇧 86.178.224.142

🇺🇸 216.180.246.187

🇦🇷 170.155.12.4