JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.34

104.167.25.34 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.34

Whois 104.167.25.34

IP Abuse Reports for 104.167.25.34:

This IP address has been reported a total of 38 times from 21 distinct sources. 104.167.25.34 was first reported on November 1st 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-02 09:05:40 (5 days ago)	Brute force	Brute-Force
🇩🇪 Axel	2026-05-13 08:07:57 (3 weeks ago)	[2026-05-13 08:07:57 UTC] Honeypot WebLogic connection attempt \| AXFRA HONEYPOT	Web App Attack
🇬🇧 PeravixGroup	2026-05-10 10:38:42 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 mnsf	2026-02-19 06:05:31 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-19 03:22:35 (3 months ago)	Multiple WAF Violations	Web App Attack
🇦🇺 2000cn.com.au	2026-02-11 21:04:55 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 myagent.site	2026-02-09 22:18:09 (3 months ago)	Blocking for trying to access an exploit file: /.env.local	Hacking
🇺🇸 oncord	2026-02-06 17:19:47 (4 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-08 15:57:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 10:57:25.048433 2025] [security2:error] [pid 20069:tid 20069] [client 104.167.25.34:58419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "finishlineenterprisesllc.com"] [uri "/.svn/wc.db"] [unique_id "aTb1Zea5zygr512NCxWhHQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 08:36:55 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 03:36:47.925251 2025] [security2:error] [pid 4330:tid 4330] [client 104.167.25.34:59281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tntserv.com"] [uri "/.env"] [unique_id "aTaOHyV2S6Ax5FU9UMjEiAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 00:34:29 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 19:34:24.012024 2025] [security2:error] [pid 1563:tid 1563] [client 104.167.25.34:44549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rewirenetworks.com"] [uri "/.env"] [unique_id "aTYdENBCWYBaf1wxQlU3FQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 18:43:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 13:43:42.652715 2025] [security2:error] [pid 15756:tid 15756] [client 104.167.25.34:32237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "technesa.com"] [uri "/.svn/wc.db"] [unique_id "aTXK3oJmMF3kycEibz8UWQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 18:29:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 13:29:04.760566 2025] [security2:error] [pid 14934:tid 14934] [client 104.167.25.34:29665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vccemail.net"] [uri "/.svn/wc.db"] [unique_id "aTR18ES5zvhvv3WjpAdwvgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 07:14:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 02:14:38.228168 2025] [security2:error] [pid 25604:tid 25604] [client 104.167.25.34:44725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kln.ne.jp"] [uri "/.env"] [unique_id "aTPX3lnMmnYHP_tszL9EZQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:53:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:53:13.906077 2025] [security2:error] [pid 31521:tid 31521] [client 104.167.25.34:9227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/.env"] [unique_id "aTKdefo7_IgjwXusOky8-gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.67

🇬🇧 193.32.209.232

🇮🇹 57.131.49.91

🇩🇪 43.228.157.183

🇲🇴 182.93.50.90

🇧🇷 177.93.159.95

🇦🇲 176.32.193.16

🇵🇰 175.107.0.107

🇫🇮 77.42.68.88

🇺🇸 72.69.215.250

🇮🇳 68.183.89.16

🇴🇲 37.40.228.52

🇻🇳 27.79.4.192

🇻🇳 14.241.121.253

🇺🇸 2603:7000:c8f0:8140:8dcd:1105:ba9a:1137

🇺🇸 207.241.235.86

🇦🇷 190.181.101.235

🇹🇷 185.221.64.22

🇨🇭 179.43.163.26

🇷🇺 178.178.222.62