JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.19.105

104.167.19.105 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.19.105

Whois 104.167.19.105

IP Abuse Reports for 104.167.19.105:

This IP address has been reported a total of 23 times from 11 distinct sources. 104.167.19.105 was first reported on September 29th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-10 19:50:43 (2 days ago)	Brute force	Brute-Force
🇬🇧 PeravixGroup	2026-05-07 05:49:49 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇵🇱 sefinek.net	2025-12-21 18:39:42 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 kosada.com	2025-12-10 15:17:09 (6 months ago)	Web password guessing	Brute-Force
🇱🇻 garmtech.com	2025-12-05 12:35:36 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-11-26 08:53:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:53:26.016392 2025] [security2:error] [pid 21929:tid 21929] [client 104.167.19.105:56017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bikinipageone.com"] [uri "/.svn/wc.db"] [unique_id "aSbABg_W1gamcemCZqL6uwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:39:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:39:27.509807 2025] [security2:error] [pid 13700:tid 13700] [client 104.167.19.105:59681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dixiegeek.cosentient.com"] [uri "/.env"] [unique_id "aSagn6wbm9H7tOGIQP_qygAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:53:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:53:33.734291 2025] [security2:error] [pid 29322:tid 29322] [client 104.167.19.105:46559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bradmackenzie.com"] [uri "/.env"] [unique_id "aSaV3e3-MKiyRD8jXgokNQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:43:21.807658 2025] [security2:error] [pid 3111:tid 3111] [client 104.167.19.105:27169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.digitalmarketing-group.com"] [uri "/.git/HEAD"] [unique_id "aSZNKXIX7fLBSYA2ufm_wwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 0x44	2025-11-24 17:58:17 (6 months ago)	104.167.19.105 [24/Nov/2025] * Spam host detected, probing for vulnerabilities	Web Spam Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:26:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:25:56.325869 2025] [security2:error] [pid 23617:tid 23617] [client 104.167.19.105:39357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mvscouts.org"] [uri "/.git/HEAD"] [unique_id "aSQkpNr54hiaw2hD2jw5BAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:14:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:12:43.885662 2025] [security2:error] [pid 2531:tid 2531] [client 104.167.19.105:14271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mbnetworking.com"] [uri "/.svn/wc.db"] [unique_id "aSQTex_edwkSDaP6QqFO-wAAAC8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:51:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.19.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:04.253058 2025] [security2:error] [pid 3485960:tid 3485960] [client 104.167.19.105:53957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wilsontribe.org"] [uri "/.git/HEAD"] [unique_id "aSQOaCP2ZXiS9EBv4mIevQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.77

🇺🇸 173.255.225.25

🇺🇸 172.239.71.244

🇺🇸 172.203.242.24

🇮🇩 103.131.61.163

🇧🇬 93.94.141.115

🇺🇸 91.230.168.192

🇺🇸 34.106.9.238

🇧🇴 190.181.27.37

🇲🇽 187.190.35.163

🇸🇬 178.128.84.112

🇺🇸 172.239.64.155

🇺🇸 172.236.228.229

🇸🇬 103.189.235.93

🇩🇪 78.47.163.163

🇦🇷 45.172.110.35

🇳🇱 45.148.10.141

🇺🇸 23.239.11.64

🇮🇹 2.38.151.216

🇫🇷 213.136.88.112