JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.30

104.207.47.30 was found in our database!

This IP was reported 179 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.30

Whois 104.207.47.30

IP Abuse Reports for 104.207.47.30:

This IP address has been reported a total of 179 times from 30 distinct sources. 104.207.47.30 was first reported on June 14th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 05:56:17 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-06 23:14:20 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.47.30 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.47.30 2026-05-06 08:59:35 / 2026-05-06 09:00:25 / show less	Web App Attack
🇨🇳 ThreatBook.io	2026-05-05 23:26:09 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.47.30 2 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.47.30 2026-05-05 00:00:56 / show less	Web App Attack
🇫🇷 masterguru	2026-04-26 17:42:51 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.30 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.30 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-04-23 17:22:47 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.30 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.47.30 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 nzhost.co.nz	2026-02-19 12:32:47 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 mnsf	2026-02-16 00:05:46 (3 months ago)	Too many Status 40X (12) Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-02-15 12:38:28 (3 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇦🇺 nzhost.co.nz	2026-02-15 12:26:15 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 04:21:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:21:30.985632 2026] [security2:error] [pid 15679:tid 15679] [client 104.207.47.30:53075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "streamlinenz.com"] [uri "/new/.git/config"] [unique_id "aZFJyij5X6IlI14FCCDd-QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:31 (3 months ago)	104.207.47.30 - - [15/Feb/2026:03:31:31 +0100] "GET /app/.env HTTP/1.1" 301 4217 "-" "Mozilla/5.0 (W ... show more 104.207.47.30 - - [15/Feb/2026:03:31:31 +0100] "GET /app/.env HTTP/1.1" 301 4217 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:29:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:28:56.690079 2026] [security2:error] [pid 19395:tid 19395] [client 104.207.47.30:33533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiht.com"] [uri "/new/.git/config"] [unique_id "aZEvaAMzNG5NwpZgpP4JPQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:55:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:55:24.155453 2026] [security2:error] [pid 29174:tid 29174] [client 104.207.47.30:25793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mydobdate.net"] [uri "/.env.local"] [unique_id "aZEnjGzXAHBVOjZWwVPRaQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:27:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:27:01.314645 2026] [security2:error] [pid 16900:tid 16900] [client 104.207.47.30:15083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "m2pg.net"] [uri "/config/.env"] [unique_id "aZEg5VAQi_iex3W6NyakbwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:41:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:41:00.903906 2026] [security2:error] [pid 19336:tid 19336] [client 104.207.47.30:40083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucasabrahamsen.org"] [uri "/.env.save"] [unique_id "aZEWHDwAG9wCRhadM0qUZAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 179 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇾 181.123.62.210

🇨🇳 113.102.242.70

🇻🇳 103.118.28.15

🇺🇸 24.52.70.30

🇺🇸 195.184.76.164

🇷🇺 194.176.114.36

🇵🇰 117.102.4.163

🇺🇸 64.62.156.214

🇰🇷 34.158.216.6

🇯🇵 34.97.29.148

🇺🇸 18.188.55.38

🇬🇧 195.140.214.23

🇨🇴 181.142.12.110

🇨🇳 123.158.49.243

🇫🇷 91.231.89.116

🇮🇳 27.123.112.6

🇳🇱 213.177.179.91

🇭🇰 199.45.154.185

🇳🇱 195.178.110.241

🇹🇹 190.83.165.70