JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.233

104.207.47.233 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.233

Whois 104.207.47.233

IP Abuse Reports for 104.207.47.233:

This IP address has been reported a total of 140 times from 14 distinct sources. 104.207.47.233 was first reported on June 11th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 alferez	2026-06-03 21:43:30 (5 days ago)	Searching hacked php files	Hacking Exploited Host Web App Attack
🇫🇮 inlink.ltd	2026-05-19 22:13:11 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇳🇱 homeshowdomain.nl	2026-03-02 22:59:37 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2025-12-12 08:39:45 (5 months ago)	9 packets to port 2083	Port Scan
🇺🇸 TPI-Abuse	2025-11-25 05:01:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:00:59.522545 2025] [security2:error] [pid 20468:tid 20468] [client 104.207.47.233:33769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nigunensemble.net"] [uri "/.svn/wc.db"] [unique_id "aSU4C8VHduTPziHhwpmzcAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-11-25 04:54:05 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/HEAD (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/HEAD] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:15:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:15:29.811248 2025] [security2:error] [pid 26099:tid 26099] [client 104.207.47.233:10065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.davefortier.com"] [uri "/.env"] [unique_id "aSUtYWCSzjHWBzZH5pwArwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:07:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:07:13.838634 2025] [security2:error] [pid 14240:tid 14240] [client 104.207.47.233:52823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dinersquest.com"] [uri "/.svn/wc.db"] [unique_id "aSUdYRo2Sh1v54TSMI27EgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:32:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:32:55.388143 2025] [security2:error] [pid 26040:tid 26040] [client 104.207.47.233:10685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.motherlyhomecare.com"] [uri "/.git/HEAD"] [unique_id "aSUHRzusr_3bqt9eJU89ZAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:18:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:18:41.506411 2025] [security2:error] [pid 21879:tid 21879] [client 104.207.47.233:56945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.myvdi.com"] [uri "/.env"] [unique_id "aSP4wWRKQI-mUx8L6Hfe_wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:04:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:04:18.449433 2025] [security2:error] [pid 30120:tid 30120] [client 104.207.47.233:12459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gardnercastle.com"] [uri "/.git/HEAD"] [unique_id "aSPnUjv9YynHaQMbHZz53AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:30:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:30:15.723069 2025] [security2:error] [pid 26057:tid 26057] [client 104.207.47.233:59607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dianogah.com"] [uri "/.git/HEAD"] [unique_id "aSPRRwUJs25K1y34oVgSaAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-11-19 10:00:44 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇨🇦 wil.com	2025-10-13 23:34:11 (7 months ago)	GlobalProtect login attempts with user everettgordon.	VPN IP Brute-Force
Anonymous	2025-10-08 10:42:18 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.08 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 2001:fd8:b9a8:a300:fd84:366:36d4:e21a

🇩🇪 213.209.159.36

🇺🇸 172.202.96.198

🇪🇨 157.100.136.14

🇨🇳 123.178.210.106

🇷🇴 92.118.39.236

🇵🇹 89.153.125.230

🇮🇹 83.224.171.246

🇨🇳 58.212.237.181

🇧🇷 34.151.215.198

🇳🇱 31.14.32.4

🇳🇱 5.187.35.142

🇫🇷 2001:41d0:33d:9200::40a

🇫🇷 194.60.201.87

🇷🇴 193.46.255.86

🇨🇳 139.212.68.144

🇨🇳 27.155.77.43

🇹🇼 198.235.24.69

🇸🇦 130.164.164.105

🇭🇰 124.156.129.246