JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.72

104.207.47.72 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.72

Whois 104.207.47.72

IP Abuse Reports for 104.207.47.72:

This IP address has been reported a total of 158 times from 17 distinct sources. 104.207.47.72 was first reported on June 20th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-04-18 05:12:05 (1 month ago)	(From [email protected]) Hi Egan Family Chiropractic, I’ve built and trained an AI empl ... show more (From [email protected]) Hi Egan Family Chiropractic, I’ve built and trained an AI employee specifically for Egan Family Chiropractic. It’s already been trained on 6+ hours worth of your publicly available data — your website, Google Business Profile, and more. It knows how to answer customer questions, capture leads, and even follow up — just like a team member would. This isn’t a sales call. It’s a 20-minute demo where you can actually interact with the AI employee and see what it can do. Would today or tomorrow work for a quick walkthrough? Schedule a time on my calendar to meet the agent I trained for you and see what she can do here: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-18 01:02:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 20:02:15.532874 2026] [security2:error] [pid 28552:tid 28552] [client 104.207.47.72:13097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pc-rack.com"] [uri "/test/.git/config"] [unique_id "aZUPl11EL5d17hAqyNzKkQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:47:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:47:06.363045 2026] [security2:error] [pid 32371:tid 32371] [client 104.207.47.72:61003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pattymoorearmstrong.com"] [uri "/admin/.env"] [unique_id "aZUMCs909-m92YJLbR6JLAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 fbarela	2026-01-25 04:01:03 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:30 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇦 SSH-Admin	2025-12-01 02:33:03 (6 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:55:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:55:27.704307 2025] [security2:error] [pid 18262:tid 18262] [client 104.207.47.72:45661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "godcanuseyou.com"] [uri "/.svn/wc.db"] [unique_id "aSjIz8_qplc0MuGwXu_gZAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 20:37:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:37:45.270240 2025] [security2:error] [pid 7264:tid 7264] [client 104.207.47.72:51385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clayrivers.com"] [uri "/.env"] [unique_id "aSi2mYZ0wWPzteHjKrVkBgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-11-16 13:12:54 (6 months ago)	Form spam	Web Spam
Anonymous	2025-11-14 01:04:53 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 techboy117	2025-11-14 00:41:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
🇩🇪 stinpriza	2025-11-11 00:58:55 (6 months ago)	Web App Attack	Web App Attack
🇦🇺 oncord	2025-11-07 11:14:28 (6 months ago)	Form spam	Web Spam

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.216.145.162

🇺🇸 147.185.132.185

🇫🇷 91.231.89.172

🇺🇸 216.218.206.67

🇺🇸 192.185.4.81

🇺🇸 192.169.178.74

🇨🇦 136.144.17.173

🇨🇳 112.123.59.179

🇸🇪 78.66.44.23

🇺🇸 74.249.129.4

🇩🇪 35.158.239.42

🇨🇿 31.222.13.161

🇺🇸 15.204.184.105

🇬🇧 5.226.140.52

🇺🇸 2604:a940:300:5b6:0:11::

🇮🇳 2402:b00:1a:b86e:7891:1e38:fc09:6da8

🇺🇸 2001:470:1:c84::15

🇺🇸 208.87.243.61

🇬🇧 194.50.235.133

🇺🇸 173.239.240.110