JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.6

104.207.47.6 was found in our database!

This IP was reported 115 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.6

Whois 104.207.47.6

IP Abuse Reports for 104.207.47.6:

This IP address has been reported a total of 115 times from 22 distinct sources. 104.207.47.6 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-19 18:00:08 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-00.104.207.47.6.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-00.104.207.47.6.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-13 19:21:10 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-21.104.207.47.6.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-21.104.207.47.6.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-08 07:18:58 (4 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-18.104.207.47.6.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-18.104.207.47.6.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-08 05:27:02 (4 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-27.104.207.47.6.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-27.104.207.47.6.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇫🇷 Baking333	2026-03-08 00:52:50 (2 months ago)	[redacted] 104.207.47.6 - - [08/Mar/2026:01:52:49 +0100] "GET /administratore HTTP/1.1" 302 5267 0/3 ... show more [redacted] 104.207.47.6 - - [08/Mar/2026:01:52:49 +0100] "GET /administratore HTTP/1.1" 302 5267 0/37874 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 104.207.47.6 - - [08/Mar/2026:01:52:49 +0100] "GET / HTTP/1.1" 200 8708 0/79273 "https://[redacted]/administratore" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:51:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:50:58.071790 2026] [security2:error] [pid 7465:tid 7465] [client 104.207.47.6:53599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meta24.vip"] [uri "/new/.git/config"] [unique_id "aY7l8ih2HdF5dL5UrWxY0gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:29:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:28:57.604181 2026] [security2:error] [pid 5073:tid 5073] [client 104.207.47.6:56791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meganmurph.com"] [uri "/.env"] [unique_id "aY7SuWjStkY8fKScm1A2SwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:47:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:47:28.921208 2026] [security2:error] [pid 29682:tid 29682] [client 104.207.47.6:33849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mark-et-ing-1llc.com"] [uri "/admin/.git/config"] [unique_id "aY6e0NxpruzDYbhenxu7CAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 02:42:30 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:23:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:23:50.133334 2026] [security2:error] [pid 2170:tid 2170] [client 104.207.47.6:64599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malta-boat-registration.com"] [uri "/test/.git/config"] [unique_id "aY6LNhDMV2GDmmfKAns_wAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:42:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:42:13.947714 2026] [security2:error] [pid 10541:tid 10541] [client 104.207.47.6:23075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mailperform.com"] [uri "/.env.local"] [unique_id "aY6BdR4ns_GUVSKvp5eP6wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:25:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:25:33.828862 2026] [security2:error] [pid 5050:tid 5050] [client 104.207.47.6:37005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/app/.git/config"] [unique_id "aY59jegHXbWcK9OfzvUQmwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2026-02-12 19:37:16 (3 months ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-12 17:49:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:49:49.009910 2026] [security2:error] [pid 7126:tid 7126] [client 104.207.47.6:16879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "distribuidoradecongeladoscdmx.com"] [uri "/.env"] [unique_id "aY4SvW8o3dXMVFbGanGigQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-12 17:21:17 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking

Showing 1 to 15 of 115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.105.129.57

🇧🇪 198.235.24.153

🇧🇴 181.115.208.149

🇰🇷 175.214.123.177

🇺🇸 165.154.172.223

🇫🇮 147.185.133.221

🇫🇷 91.231.89.219

🇰🇷 61.75.213.171

🇧🇷 54.94.160.17

🇩🇪 3.67.171.61

🇺🇸 2600:3c02::2000:8aff:fe1a:5d5d

🇧🇷 177.22.88.3

🇺🇸 162.216.149.11

🇨🇳 114.98.177.178

🇺🇸 107.141.138.44

🇩🇪 46.224.234.158

🇮🇳 45.118.32.64

🇲🇽 38.22.170.10

🇮🇳 35.154.146.69

🇺🇸 18.117.166.157