JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.249

104.207.47.249 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.249

Whois 104.207.47.249

IP Abuse Reports for 104.207.47.249:

This IP address has been reported a total of 147 times from 17 distinct sources. 104.207.47.249 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-19 22:12:54 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 08:34:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 03:34:31.351030 2026] [security2:error] [pid 19703:tid 19703] [client 104.207.47.249:56389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mywhy.endriss.info"] [uri "/.git/config"] [unique_id "aZ1il8IqMq3DBFQ9Z0A4VwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 01:14:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 20:14:08.531936 2026] [security2:error] [pid 20244:tid 20244] [client 104.207.47.249:25023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sneedvillefarmersmarket.daisydoesoap.com"] [uri "/.git/config"] [unique_id "aZz7YJidatIgo0ut5Y8KDgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 00:04:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 19:04:35.951106 2026] [security2:error] [pid 31308:tid 31443] [client 104.207.47.249:12471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamecrazy.hdtv55.com"] [uri "/.git/config"] [unique_id "aZzrE957KVltwp8_KWAGNQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 22:14:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 17:14:41.307823 2026] [security2:error] [pid 3993:tid 3993] [client 104.207.47.249:60189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jpastordesign.com.jpastorphotographics.com"] [uri "/.git/config"] [unique_id "aZzRUU4g5AbH6QMA-e8_BQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:20 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-27 23:22:18 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 05:27:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:46.410362 2025] [security2:error] [pid 19167:tid 19167] [client 104.207.47.249:9357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.barbaramcadams.com"] [uri "/.env"] [unique_id "aSU-Uk8t5TknlzSYu9vU2QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:39:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:39:37.308008 2025] [security2:error] [pid 30402:tid 30402] [client 104.207.47.249:19449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rlharmongroup.com"] [uri "/.git/HEAD"] [unique_id "aSUzCbRnIxF8PfBK07PuoAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:12:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:12:48.560181 2025] [security2:error] [pid 15589:tid 15606] [client 104.207.47.249:23121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.madtruckerbill.com"] [uri "/.git/HEAD"] [unique_id "aSUCkCIjVFKa_KFJ49hNxgAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:16:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:16:21.770707 2025] [security2:error] [pid 1416453:tid 1416525] [client 104.207.47.249:11357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.amazinglips.com"] [uri "/.git/HEAD"] [unique_id "aST1VU3b9nF_ETk_Bja-EAAAAk4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:42:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:42:42.483795 2025] [security2:error] [pid 3305386:tid 3305386] [client 104.207.47.249:57373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mountainretreatcenter.com"] [uri "/.svn/wc.db"] [unique_id "aSPiQgsEpAKkgeb_9FpOqwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 05:54:26 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 21:21:00 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 11:58:59 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.83

🇳🇱 192.42.116.99

🇮🇳 182.95.175.190

🇺🇸 162.216.150.230

🇺🇸 162.216.150.113

🇩🇪 151.243.11.245

🇷🇴 80.94.92.184

🇱🇹 45.227.254.170

🇬🇧 35.203.211.218

🇺🇸 23.251.43.111

🇮🇳 182.95.49.166

🇮🇳 182.95.48.154

🇷🇺 178.207.10.91

🇺🇸 162.216.150.40

🇺🇸 162.216.149.37

🇮🇩 103.15.226.202

🇳🇱 45.148.10.152

🇸🇬 43.133.61.254

🇮🇪 34.242.105.1

🇻🇳 27.79.44.206