JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.47

104.207.47.47 was found in our database!

This IP was reported 171 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.47

Whois 104.207.47.47

IP Abuse Reports for 104.207.47.47:

This IP address has been reported a total of 171 times from 21 distinct sources. 104.207.47.47 was first reported on June 8th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-23 01:24:13 (3 weeks ago)	Honeypot detection: Privilege escalation / elevation attempt on port 9200. Severity: CRITICAL. Aaran ... show more Honeypot detection: Privilege escalation / elevation attempt on port 9200. Severity: CRITICAL. Aaran.cloud show less	Hacking
🇬🇧 PeravixGroup	2026-05-22 13:20:20 (3 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 MAGIC	2026-04-12 02:16:00 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-03-02 02:33:19 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 mnsf	2026-02-14 03:05:44 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:12:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:11:58.853623 2026] [security2:error] [pid 2564484:tid 2564484] [client 104.207.47.47:11047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "landrdurables.com"] [uri "/api/.git/config"] [unique_id "aY7q3ppaBE31HfaAL7wyxQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:35:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:35:27.723992 2026] [security2:error] [pid 19666:tid 19666] [client 104.207.47.47:60209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koeckeritz.com"] [uri "/site/.git/config"] [unique_id "aY64HzwksFHwognatNcU4gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:57:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:57:34.651656 2026] [security2:error] [pid 11198:tid 11337] [client 104.207.47.47:24533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/app/.git/config"] [unique_id "aY6THmN5WYbQMelVTp6zYAAAAo8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 02:27:27 (4 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇮🇩 Burayot	2026-02-13 02:25:10 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.47 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.47.47 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:08:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:08:12.026627 2026] [security2:error] [pid 19486:tid 19486] [client 104.207.47.47:49467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/wp/.git/config"] [unique_id "aY6HjG6s5n9sF2AXnVGDZAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 02:06:48 (4 months ago)	Too many Status 40X (13) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:13:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:13:26.972555 2026] [security2:error] [pid 19906:tid 19906] [client 104.207.47.47:62387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenjoyce.com"] [uri "/wp/.git/config"] [unique_id "aY56tlJMHyhDFQgsuBgzhQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 22:31:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 17:31:42.104103 2026] [security2:error] [pid 5354:tid 5354] [client 104.207.47.47:42941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acpparalegal.com"] [uri "/.git/config"] [unique_id "aY5UzlapUfy6iF1yO9LZrgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-02-12 21:02:54 (4 months ago)	.env scanning [BY]	Web App Attack

Showing 1 to 15 of 171 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.183.21.45

🇹🇭 110.168.238.96

🇮🇩 103.187.165.26

🇺🇸 38.34.175.88

🇨🇭 209.99.184.143

🇩🇪 194.88.98.105

🇩🇪 151.243.11.35

🇺🇸 151.240.52.111

🇯🇵 116.80.43.240

🇨🇳 112.86.225.240

🇨🇳 111.37.22.206

🇨🇳 110.42.63.152

🇨🇳 106.75.137.178

🇫🇷 91.231.89.208

🇷🇺 77.108.100.162

🇺🇸 64.62.156.231

🇺🇸 64.62.156.164

🇺🇸 50.116.23.67

🇺🇸 20.168.120.227

🇰🇷 13.209.15.24