JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.42

104.207.47.42 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.42

Whois 104.207.47.42

IP Abuse Reports for 104.207.47.42:

This IP address has been reported a total of 141 times from 21 distinct sources. 104.207.47.42 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-16 13:01:50 (3 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 oncord	2026-02-03 18:21:35 (4 months ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2025-12-20 03:18:16 (5 months ago)	(From [email protected]) Reliable seo backlinks to supercharge cuccichiropractic.com seo backl ... show more (From [email protected]) Reliable seo backlinks to supercharge cuccichiropractic.com seo backlinks! BonusBacklinks.com - we provide daily backlinks and drive organic visits to your site EVERY DAY: + Use 85% DISCOUNT + Strong daily seo backlinks + Organic website visits + Prices only from $1 + Bonus coupon codes: https://tiny.cc/bonusbacklinks-promos BonusBacklinks.com - daily seo backlinks and website clicks to boost your website everyday show less	Phishing Web Spam
🇺🇸 myagent.site	2025-12-08 03:33:26 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-07 23:12:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:12:30.046708 2025] [security2:error] [pid 5413:tid 5413] [client 104.207.47.42:9939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rocknwalktours.com"] [uri "/.env"] [unique_id "aTYJ3iUUb64zVbTQQE0pygAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 20:46:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 15:46:08.556770 2025] [security2:error] [pid 32655:tid 32655] [client 104.207.47.42:19739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drlwr.com"] [uri "/.git/HEAD"] [unique_id "aTXnkLx0eGHY280YpYoffQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:02:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:02:17.209329 2025] [security2:error] [pid 9134:tid 9134] [client 104.207.47.42:14457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ictsl.net"] [uri "/.env"] [unique_id "aTQNOVXb9LW8ILgCGyDfHQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 00:30:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 19:30:26.008396 2025] [security2:error] [pid 26266:tid 26266] [client 104.207.47.42:34507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furball.global"] [uri "/.git/HEAD"] [unique_id "aTN5IgQpLMWXyIRrCGkK8AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:31:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:31:13.574821 2025] [security2:error] [pid 9988:tid 9988] [client 104.207.47.42:27819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "495metro.com"] [uri "/.env"] [unique_id "aTJSAbUmVgjEoaiGb1rkTAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:54:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:54:23.386489 2025] [security2:error] [pid 29072:tid 29072] [client 104.207.47.42:59111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sweet16invitationsonline.com"] [uri "/.svn/wc.db"] [unique_id "aTI7T7RnwRf4OmlabbHk9wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:43:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:43:14.346336 2025] [security2:error] [pid 243932:tid 243965] [client 104.207.47.42:40505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiefblondel.aafm.us"] [uri "/.env"] [unique_id "aSQoslc8EtVRkmyAMesCcAAAAQA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:05:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:05:46.789086 2025] [security2:error] [pid 27248:tid 27248] [client 104.207.47.42:14809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.eweddingsupplies.com"] [uri "/.git/HEAD"] [unique_id "aSQR2kchYptg34XRPXzFWAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:45:43.166263 2025] [security2:error] [pid 5964:tid 5964] [client 104.207.47.42:13597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.capitalswisscorp.com"] [uri "/.svn/wc.db"] [unique_id "aSQNJ0ukI_sczW7mgHoOrAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:16:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:16:45.560069 2025] [security2:error] [pid 8296:tid 8296] [client 104.207.47.42:48227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.romestudios.com"] [uri "/.git/HEAD"] [unique_id "aSPqPeipYSeB7lRK-wK_bgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:00:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:00:32.038857 2025] [security2:error] [pid 23234:tid 23234] [client 104.207.47.42:52485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sionayra.tracybur.net"] [uri "/.env"] [unique_id "aSPmcP_3-M8D9Lpv78wjKAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bf6:f001

🇺🇸 216.25.89.150

🇳🇱 195.178.110.26

🇧🇿 190.197.25.70

🇺🇸 162.216.149.170

🇺🇸 150.107.38.254

🇷🇺 77.222.35.115

🇸🇬 74.114.31.149

🇺🇸 65.49.1.128

🇺🇸 43.173.69.147

🇺🇸 172.185.46.218

🇹🇭 171.100.121.127

🇺🇸 142.93.127.145

🇸🇬 129.226.213.238

🇰🇷 112.216.129.27

🇮🇷 93.118.146.156

🇪🇸 79.117.201.162

🇺🇸 71.6.233.2

🇧🇪 34.156.188.50

🇧🇪 34.62.21.23