JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.74

104.207.47.74 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.74

Whois 104.207.47.74

IP Abuse Reports for 104.207.47.74:

This IP address has been reported a total of 144 times from 19 distinct sources. 104.207.47.74 was first reported on June 19th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-11 05:12:26 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-03 14:58:59 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-15 12:28:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:28:25.484631 2026] [security2:error] [pid 15903:tid 15903] [client 104.207.47.74:47853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title40.com"] [uri "/site/.git/config"] [unique_id "aZG76RdFmme8okDiXNzDTwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:43:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:43:19.877939 2026] [security2:error] [pid 6466:tid 6466] [client 104.207.47.74:54495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thommesen.net"] [uri "/wp/.git/config"] [unique_id "aZGxVyOnG4uWI8TCy9mlDQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:27:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:27:34.100981 2026] [security2:error] [pid 28086:tid 28086] [client 104.207.47.74:9401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mytemp.info"] [uri "/api/.env"] [unique_id "aZEvFrmvAjnYwXf6T-lrEAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:34:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:34:09.361364 2026] [security2:error] [pid 18637:tid 18637] [client 104.207.47.74:13353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "machinetoolsjwk.com"] [uri "/.env.local"] [unique_id "aZEikaSog8E9UCC_7DwPwAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-02-15 00:31:19 (3 months ago)	182 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-15 00:20:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:20:38.394729 2026] [security2:error] [pid 2167:tid 2204] [client 104.207.47.74:42627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "love-spells-magic.com"] [uri "/admin/.env"] [unique_id "aZERViZIRZBCB3DKHld9bAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:29:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:29:17.066709 2026] [security2:error] [pid 10378:tid 10378] [client 104.207.47.74:31021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "llew.life"] [uri "/admin/.env"] [unique_id "aZEFTZg_nQeshhKjaY6SVQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:02:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:02:09.192707 2026] [security2:error] [pid 6768:tid 6768] [client 104.207.47.74:32721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisarlee.com"] [uri "/test/.git/config"] [unique_id "aZD-8abSK-gIkTLzitvupwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:35:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:35:36.153325 2026] [security2:error] [pid 543863:tid 543863] [client 104.207.47.74:35921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightupaustralia.com.au"] [uri "/v2/.git/config"] [unique_id "aZD4uGYrQHp2ou34XDOOSAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 22:05:33 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:27:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:27:16.426379 2026] [security2:error] [pid 23286:tid 23298] [client 104.207.47.74:41871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missalastages.com"] [uri "/.env.local"] [unique_id "aZDotJO6c80OtUPzKnO8AwAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-01-24 00:13:51 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 VHosting	2025-12-24 03:40:31 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.142.97.50

🇲🇽 189.219.52.116

🇨🇳 180.165.29.129

🇦🇷 168.197.250.14

🇩🇪 154.16.4.254

🇺🇦 128.0.104.39

🇭🇰 119.28.75.120

🇺🇸 107.175.157.124

🇫🇷 91.196.152.91

🇦🇪 83.110.157.167

🇺🇸 66.132.172.43

🇸🇬 43.153.207.127

🇸🇬 34.87.44.24

🇨🇭 209.99.185.239

🇺🇸 162.216.149.222

🇨🇳 121.57.230.227

🇵🇰 119.152.228.111

🇹🇼 104.199.176.250

🇮🇳 103.123.235.179

🇩🇪 94.26.106.162