JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.61

104.207.47.61 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.61

Whois 104.207.47.61

IP Abuse Reports for 104.207.47.61:

This IP address has been reported a total of 140 times from 22 distinct sources. 104.207.47.61 was first reported on June 5th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:03:04 (2 weeks ago)		Bad Web Bot
🇪🇸 librebit	2026-05-17 06:18:34 (2 weeks ago)	Brute force	Brute-Force
Anonymous	2026-05-16 12:01:27 (2 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
Anonymous	2026-05-12 21:15:02 (3 weeks ago)	suspicious request in access.log	Web App Attack
🇮🇹 Inartis	2026-05-11 18:56:23 (3 weeks ago)	104.207.47.61 - - [11/May/2026:20:56:22 +0200] "GET /admin-ajax.php HTTP/1.1" 404 219 "-" "Mozilla/5 ... show more 104.207.47.61 - - [11/May/2026:20:56:22 +0200] "GET /admin-ajax.php HTTP/1.1" 404 219 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/75.0.3770.103 Mobile/15E148 Safari/605.1" ... show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-03 01:39:05 (1 month ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-01 22:01:08 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-01	Web App Attack SSH Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇭 Origon	2026-02-09 20:27:28 (3 months ago)	http-sensitive-files - IP: 104.207.47.61 - time="2026-02-09T21:27:28+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.47.61 - time="2026-02-09T21:27:28+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.47.61 (US/200373) : 4h ban on Ip 104.207.47.61" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:48:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:48:27.535543 2026] [security2:error] [pid 339951:tid 339987] [client 104.207.47.61:16671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gafm.org"] [uri "/backup/.git/config"] [unique_id "aYo6C4kbGX1NGCglC4KR7wAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 16:41:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 11:41:06.552171 2026] [security2:error] [pid 15965:tid 15965] [client 104.207.47.61:20537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuegolounge813.com"] [uri "/admin/.env"] [unique_id "aYoOIi9GRunwoJVD5G3vggAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:43:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:43:31.477012 2026] [security2:error] [pid 1952:tid 1952] [client 104.207.47.61:45113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamerah.net"] [uri "/backend/.env"] [unique_id "aYnWc7tXGbBd6s4f-PIhewAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 08:14:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 03:14:37.246114 2026] [security2:error] [pid 12742:tid 12742] [client 104.207.47.61:41795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullbladderclub.com"] [uri "/backup/.git/config"] [unique_id "aYmXbVQ5EFPzafGG85WvhgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 11:24:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-09 21:15:21 (5 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 176.29.167.18

🇩🇪 130.12.181.105

🇬🇹 45.228.234.84

🇺🇸 184.154.157.176

🇳🇱 158.94.211.49

🇭🇰 154.221.17.137

🇷🇺 81.211.72.167

🇧🇬 79.124.62.178

🇧🇷 45.163.173.239

🇹🇿 41.93.28.23

🇻🇳 27.71.230.31

🇷🇺 5.189.126.139

🇰🇷 211.193.245.27

🇺🇸 172.178.83.199

🇺🇸 146.88.241.115

🇧🇬 79.124.49.158

🇹🇼 60.249.207.150

🇧🇷 45.238.101.91

🇮🇳 43.251.217.140

🇨🇳 42.123.126.29