JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.23

104.207.47.23 was found in our database!

This IP was reported 109 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.23

Whois 104.207.47.23

IP Abuse Reports for 104.207.47.23:

This IP address has been reported a total of 109 times from 22 distinct sources. 104.207.47.23 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-22 07:03:54 (2 months ago)	Forum/form spam	Web Spam
🇳🇱 i-turnradio.nl	2026-02-19 00:59:53 (3 months ago)	2026-02-19 01:59:53 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 20:44:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:44:51.270369 2026] [security2:error] [pid 28735:tid 28735] [client 104.207.47.23:50281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcticwarriors.org"] [uri "/.env"] [unique_id "aYzqQ5LrIXJVJ-xpngs8cgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:28 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:49:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:49:18.648654 2026] [security2:error] [pid 13987:tid 13987] [client 104.207.47.23:42537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "applemaccomputerconsulting.com"] [uri "/.env.local"] [unique_id "aYu17sB4YfN9G9Nyg3fLWgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:02:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:01:57.833995 2026] [security2:error] [pid 1792:tid 1792] [client 104.207.47.23:19231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmg365media.com"] [uri "/test/.git/config"] [unique_id "aYq7xYoO-lu3wqGCJy6JAgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:22:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:22:09.447454 2026] [security2:error] [pid 5269:tid 5281] [client 104.207.47.23:12311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khalessilaw.com"] [uri "/admin/.env"] [unique_id "aYqIQbk8htmo_Z-NcJ60wgAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:34:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:34:50.195819 2026] [security2:error] [pid 7333:tid 7333] [client 104.207.47.23:61761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/.env"] [unique_id "aYp9KgbecZLxNajnyCAccAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:55:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:55:42.778071 2026] [security2:error] [pid 26283:tid 26283] [client 104.207.47.23:54617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedimoore.click"] [uri "/config/.env"] [unique_id "aYpz_oPPxi_KDsaF3Hi6lQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:02:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:02:36.746647 2026] [security2:error] [pid 16479:tid 16479] [client 104.207.47.23:48221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/dev/.git/config"] [unique_id "aYpnjPWStfrb918tkQMYzQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:11 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-09 21:08:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:08:11.281204 2026] [security2:error] [pid 22923:tid 22923] [client 104.207.47.23:36105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.com"] [uri "/admin/.env"] [unique_id "aYpMu-aOEitgQtN9pWEPVwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:16 (3 months ago)	Blocking for trying to access an exploit file: /frontend/.env	Hacking
Anonymous	2025-12-22 18:24:46 (5 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 109 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 217.181.86.209

🇩🇪 217.181.86.171

🇩🇪 217.181.86.158

🇩🇪 217.181.86.151

🇩🇪 217.181.86.16

🇦🇹 213.225.11.15

🇨🇳 120.48.165.75

🇧🇩 103.71.46.171

🇳🇱 89.248.163.200

🇷🇴 2.57.121.25

🇩🇪 217.181.86.117

🇩🇪 217.181.86.106

🇩🇪 217.181.85.216

🇩🇪 217.181.85.200

🇩🇪 217.181.85.115

🇩🇪 217.181.85.107

🇰🇷 211.180.105.241

🇺🇸 184.168.21.211

🇰🇿 176.98.228.118

🇮🇹 151.95.211.132