JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.113

104.167.25.113 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.113

Whois 104.167.25.113

IP Abuse Reports for 104.167.25.113:

This IP address has been reported a total of 34 times from 14 distinct sources. 104.167.25.113 was first reported on November 7th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 i-turnradio.nl	2026-02-14 05:35:59 (3 months ago)	2026-02-14 06:35:58 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:20:02 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-19 23:56:50 (4 months ago)	wordpress-trap	Web App Attack
🇵🇱 sefinek.net	2025-12-30 08:19:45 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-08 21:11:39 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 08:41:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:41:37.049676 2025] [security2:error] [pid 23270:tid 23270] [client 104.167.25.113:41671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.deanfountain.com"] [uri "/.git/HEAD"] [unique_id "aSa9QV8QKXgu7klr8SErcgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:50:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:50:41.536410 2025] [security2:error] [pid 7796:tid 7796] [client 104.167.25.113:40671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hiddenitecampground.com"] [uri "/.env"] [unique_id "aSaVMW5lK-Ir0gV3i5tipgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:40:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:40:42.105810 2025] [security2:error] [pid 31666:tid 31666] [client 104.167.25.113:34465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.glassclublake.com"] [uri "/.git/HEAD"] [unique_id "aSZ2unkTEgCwz4Ok03FffQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:43:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:43:48.118034 2025] [security2:error] [pid 30613:tid 30613] [client 104.167.25.113:10433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "busengakko.pellman-world.com"] [uri "/.git/HEAD"] [unique_id "aSZbVAV-uF6NFNP88lBedAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:19:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:19:05.928637 2025] [security2:error] [pid 22389:tid 22389] [client 104.167.25.113:40469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.guitarwisdom.benshermanguitar.com"] [uri "/.git/HEAD"] [unique_id "aSZViTxkoSAvFE02T61J-gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:43:31.642825 2025] [security2:error] [pid 6649:tid 6710] [client 104.167.25.113:47597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.larryfoussconstruction.com"] [uri "/.svn/wc.db"] [unique_id "aSZNM_CQPT6s-IHquRxflQAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:29:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:29:42.787706 2025] [security2:error] [pid 970413:tid 970413] [client 104.167.25.113:45807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.efgenios.com"] [uri "/.svn/wc.db"] [unique_id "aSVa5oCFw1VgdaOpWI55xgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:17:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:16:58.561915 2025] [security2:error] [pid 14294:tid 14294] [client 104.167.25.113:59353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easyweb-publishing.com"] [uri "/.git/HEAD"] [unique_id "aSU7yq0e8JAJrZ_3kn_xzwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:04:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:04:53.904485 2025] [security2:error] [pid 7373:tid 7373] [client 104.167.25.113:25335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hawaiivacations.com"] [uri "/.git/HEAD"] [unique_id "aSQftfHpvGi9XRwfnmxI_QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:26:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:26:35.864176 2025] [security2:error] [pid 23399:tid 23399] [client 104.167.25.113:21487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.propertysubscription.com"] [uri "/.svn/wc.db"] [unique_id "aSQWuwSRARGxrRQq-oZcMAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.151.41.228

🇰🇷 175.119.225.68

🇩🇪 172.70.247.98

🇵🇰 149.71.36.26

🇰🇿 145.255.169.236

🇺🇸 107.173.102.228

🇦🇴 102.214.36.160

🇷🇺 95.189.77.141

🇬🇹 45.173.216.108

🇪🇬 41.128.181.199

🇵🇰 39.34.155.183

🇺🇸 20.65.193.198

🇯🇵 8.216.7.76

🇺🇦 5.153.189.97

🇨🇳 223.153.215.213

🇨🇳 223.104.194.86

🇨🇳 218.61.30.43

🇨🇴 190.66.177.102

🇬🇹 190.14.134.116

🇳🇱 185.242.226.108