JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.204

104.167.25.204 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.204

Whois 104.167.25.204

IP Abuse Reports for 104.167.25.204:

This IP address has been reported a total of 38 times from 21 distinct sources. 104.167.25.204 was first reported on November 5th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-05-20 00:21:28 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 relianoid.com	2026-04-21 07:51:25 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-04-04 20:50:26 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 mnsf	2026-03-27 02:05:44 (2 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
Anonymous	2026-02-16 11:43:16 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
Anonymous	2026-01-18 16:06:35 (4 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-26 08:48:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:48:03.322496 2025] [security2:error] [pid 22657:tid 22657] [client 104.167.25.204:23965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.daviddenotaris.com"] [uri "/.env"] [unique_id "aSa-w54zt_m_c-jEySlLmAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:07:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:07:28.086789 2025] [security2:error] [pid 32577:tid 32577] [client 104.167.25.204:30391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "firingsquadfilms.com.interforce.com"] [uri "/.svn/wc.db"] [unique_id "aSQgUHfVU9rInT5kSq383wAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2025-11-24 08:38:45 (6 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2025-11-24 07:58:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:58:20.712768 2025] [security2:error] [pid 28760:tid 28760] [client 104.167.25.204:52401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avvmarchetticollini.it"] [uri "/.env"] [unique_id "aSQQHHJiv7epMURVIGfbgAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:29:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:28:59.445641 2025] [security2:error] [pid 28310:tid 28310] [client 104.167.25.204:60911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asmeinfo.com"] [uri "/.git/HEAD"] [unique_id "aSQJO9PvrvV_GDEffKC2TAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:54:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:54:47.748393 2025] [security2:error] [pid 10696:tid 10812] [client 104.167.25.204:15231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.chadcentral.com"] [uri "/.git/HEAD"] [unique_id "aSPzJyJafRnFKTiRloosiQAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:15:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:15:14.267865 2025] [security2:error] [pid 24078:tid 24078] [client 104.167.25.204:28577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.amdavies15.com"] [uri "/.env"] [unique_id "aSPp4hD_EWXR1hRjq5A7MQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:04:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:04:43.813932 2025] [security2:error] [pid 18325:tid 18351] [client 104.167.25.204:15545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sellarsmail.com"] [uri "/.svn/wc.db"] [unique_id "aSPZW7ibCkDUtlE56PAX7gAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 101.79.165.43

🇸🇪 51.21.222.53

🇲🇲 45.41.104.35

🇺🇸 34.197.70.90

🇺🇸 34.193.119.44

🇨🇳 222.176.200.154

🇹🇷 185.39.204.145

🇺🇸 172.245.20.145

🇺🇸 172.233.219.44

🇺🇸 172.232.27.232

🇺🇸 172.69.6.180

🇺🇸 165.154.36.192

🇨🇳 115.231.76.176

🇺🇸 74.208.92.116

🇺🇸 68.7.114.69

🇺🇸 64.62.197.77

🇺🇸 54.172.117.47

🇺🇸 40.77.177.219

🇺🇸 23.237.188.34

🇺🇸 18.118.111.64