JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.168

104.167.25.168 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.168

Whois 104.167.25.168

IP Abuse Reports for 104.167.25.168:

This IP address has been reported a total of 32 times from 17 distinct sources. 104.167.25.168 was first reported on November 15th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-31 10:15:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 31 05:15:33.900436 2025] [security2:error] [pid 8954:tid 8954] [client 104.167.25.168:15801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digi-estudio.com"] [uri "/wp-config.php"] [unique_id "aVT3xccpcBxycwVauMub-QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:39 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-22 14:12:53 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇬🇧 openstrike.co.uk	2025-12-14 11:00:41 (5 months ago)	9 packets to port 2083	Port Scan
🇵🇱 IROK	2025-12-08 14:07:26 (5 months ago)	Firewall Blocked - Unauthorized Port Scanning ...	Port Scan
Anonymous	2025-12-06 21:17:11 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 21:09:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:09:02.576218 2025] [security2:error] [pid 12806:tid 12806] [client 104.167.25.168:20825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "calendarcardsholiday.com"] [uri "/.env"] [unique_id "aS9VbnDZo_8E0HURqOIvQQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-12-02 20:18:10 (6 months ago)	(From [email protected]) Quality seo backlinks to supercharge your websites backlinks! B ... show more (From [email protected]) Quality seo backlinks to supercharge your websites backlinks! BonusBacklinks.com - we deliver daily backlinks and bring organic traffic to your page EVERY DAY: + Get 85% OFF + Trusted daily seo backlinks + Organic website traffic + Prices cheap as $1 + Bonus discount codes Check backlinks discounts - https://tiny.cc/bonusbacklinks-coupons Or enter directly - https://BonusBacklinks.com BonusBacklinks - daily backlinks and organic traffic to grow your website every day show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-12-02 20:03:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:03:33.983391 2025] [security2:error] [pid 9227:tid 9227] [client 104.167.25.168:37733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "virlouise.com"] [uri "/.svn/wc.db"] [unique_id "aS9GFUKL4UVCWyRSklnxRAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:34:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:34:46.398598 2025] [security2:error] [pid 20695:tid 20695] [client 104.167.25.168:22987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "transmittersolution.com"] [uri "/.svn/wc.db"] [unique_id "aS8jNiHG1e8nIYVDeSiPAAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:37:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:37:02.646772 2025] [security2:error] [pid 424357:tid 424510] [client 104.167.25.168:19249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onernet.com"] [uri "/.svn/wc.db"] [unique_id "aS6XHkjGR0gyNky4Ba_rTwAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:49:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:49:02.496215 2025] [security2:error] [pid 16229:tid 16229] [client 104.167.25.168:35267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martinvjohnson.com"] [uri "/.git/HEAD"] [unique_id "aS5vvvb3cB-rXn0svKviqAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-01 22:42:41 (6 months ago)	botnet	DDoS Attack
🇨🇦 Peter Chargen	2025-11-30 08:21:47 (6 months ago)	PHP email form abuse/SPAM attempt	Email Spam

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.117

🇳🇱 45.148.10.147

🇨🇳 223.15.242.225

🇨🇴 186.116.53.254

🇲🇽 186.96.145.241

🇸🇪 171.25.193.81

🇷🇺 92.255.196.185

🇪🇸 81.36.26.108

🇮🇳 27.123.111.110

🇺🇸 13.248.169.48

🇺🇸 3.17.36.144

🇺🇸 195.184.76.64

🇬🇧 185.247.137.49

🇺🇸 107.173.122.15

🇺🇸 76.223.54.146

🇺🇸 74.82.47.23

🇺🇸 68.7.171.158

🇺🇸 66.132.186.247

🇨🇳 60.173.208.242

🇩🇪 45.86.202.163