JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.195

104.167.25.195 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.195

Whois 104.167.25.195

IP Abuse Reports for 104.167.25.195:

This IP address has been reported a total of 48 times from 18 distinct sources. 104.167.25.195 was first reported on November 6th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-01 14:05:39 (6 days ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-05-25 10:05:35 (1 week ago)	Scanning/Probing (34)	Brute-Force Web App Attack
Anonymous	2026-04-03 16:48:54 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-03-01 05:32:56 (3 months ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-01-24 16:23:45 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-23.104.167.25.195.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-23.104.167.25.195.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:47 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 COMPLEX	2025-12-15 04:46:38 (5 months ago)	Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇺🇸 nowyouknow	2025-12-10 15:15:00 (5 months ago)	(From [email protected]) Boost up your seo rankings with professional seo services! BonusB ... show more (From [email protected]) Boost up your seo rankings with professional seo services! BonusBacklinks.com - we provide daily backlinks and drive organic visits to your website EVERY DAY: + Take 85% SALE + Trusted daily seo backlinks + Real website traffic + Price cheap as $1 + Bonus discount codes Explore seo discounts - https://tiny.cc/BonusBacklinks-Offer Or view directly - https://BonusBacklinks.com BonusBacklinks - daily seo backlinks and organic clicks to grow your website everyday show less	Phishing Web Spam
Anonymous	2025-12-04 10:23:14 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-02 16:33:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:33:55.092631 2025] [security2:error] [pid 29950:tid 29950] [client 104.167.25.195:9137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gdpeters.com"] [uri "/.env"] [unique_id "aS8U8ytB4Y6YbI8eZrra9QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:14:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:14:54.136939 2025] [security2:error] [pid 18775:tid 18775] [client 104.167.25.195:58367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crestrong.com"] [uri "/.git/HEAD"] [unique_id "aS6f_g2R2VKDieXdJjj1jwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:13:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:13:12.245012 2025] [security2:error] [pid 10012:tid 10012] [client 104.167.25.195:44069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrejblatnik.com"] [uri "/.git/HEAD"] [unique_id "aS51aFBlEjQkdDm7xdJAmAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:07:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:07:45.688937 2025] [security2:error] [pid 21538:tid 21538] [client 104.167.25.195:49735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mspish.com"] [uri "/.env"] [unique_id "aS5mER4jQflm3_3-EUvhqwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:30:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:29:57.788391 2025] [security2:error] [pid 29874:tid 29874] [client 104.167.25.195:55643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jodstar.com"] [uri "/.env"] [unique_id "aSQllU-L0KaJo-reZJoP1QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:42:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:42:50.602559 2025] [security2:error] [pid 18314:tid 18314] [client 104.167.25.195:22485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.oceanrich.biz"] [uri "/.git/HEAD"] [unique_id "aSPwWgqjtk9TvvbBsiOC5AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.222

🇬🇧 81.19.219.208

🇫🇷 54.38.241.200

🇳🇱 45.148.10.152

🇧🇷 205.210.31.242

🇮🇷 185.226.119.178

🇨🇳 183.250.89.44

🇨🇳 183.56.236.229

🇳🇱 138.249.141.173

🇩🇪 84.32.10.175

🇦🇲 45.159.74.212

🇺🇸 20.163.2.151

🇫🇷 185.188.249.130

🇫🇷 95.111.230.218

🇷🇴 92.118.39.62

🇷🇺 83.246.133.16

🇮🇪 34.245.100.248

🇯🇵 34.97.219.71

🇸🇪 2.66.71.248

🇺🇸 2604:a940:300:5b6:0:26::