JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.42

104.167.25.42 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.42

Whois 104.167.25.42

IP Abuse Reports for 104.167.25.42:

This IP address has been reported a total of 38 times from 21 distinct sources. 104.167.25.42 was first reported on October 19th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-04-06 08:42:14 (1 month ago)	104.167.25.42 - - [06/Apr/2026:10:42:14 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https ... show more 104.167.25.42 - - [06/Apr/2026:10:42:14 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-04-05 13:36:30 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 Origon	2026-02-09 20:27:57 (3 months ago)	http-sensitive-files - IP: 104.167.25.42 - time="2026-02-09T21:27:57+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.167.25.42 - time="2026-02-09T21:27:57+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.167.25.42 (US/200373) : 4h ban on Ip 104.167.25.42" module=db show less	Web App Attack
🇩🇪 FutureFm	2026-02-09 19:52:00 (3 months ago)	104.167.25.42 - - [09/Feb/2026:19:24:31 +0100] "GET /api/.env	Hacking Brute-Force
🇺🇸 myagent.site	2026-01-15 08:41:21 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-11-26 11:57:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:57:32.704705 2025] [security2:error] [pid 7737:tid 7737] [client 104.167.25.42:54527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kidswithcamerasmovie.com"] [uri "/.git/HEAD"] [unique_id "aSbrLDGEr0QTETsqLfV3WgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:43:05.344771 2025] [security2:error] [pid 10432:tid 10432] [client 104.167.25.42:35315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.azcrittergetter.com"] [uri "/.svn/wc.db"] [unique_id "aSZNGbCLsZ6xrtbB7STNywAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:30:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:30:12.318676 2025] [security2:error] [pid 9551:tid 9551] [client 104.167.25.42:34243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.maryrosevaro.com"] [uri "/.svn/wc.db"] [unique_id "aSQXlKudFeCXl0MTmC0uNwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:37:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:36:54.882635 2025] [security2:error] [pid 23117:tid 23117] [client 104.167.25.42:41089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tolenaar.com"] [uri "/.svn/wc.db"] [unique_id "aSPg5lrrD8amza55PMd-qwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:14:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:56.378835 2025] [security2:error] [pid 15388:tid 15388] [client 104.167.25.42:58017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kinhung.com"] [uri "/.git/HEAD"] [unique_id "aSPbhDU7kt7qayOStTSx_QAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:12:16 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇮 as211431.net	2025-11-12 07:47:00 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-02 16:25:41 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 10:24:05	Port Scan Brute-Force Exploited Host Web App Attack
🇺🇸 nowyouknow	2025-10-25 22:34:14 (7 months ago)	(From [email protected]) Hi, I visited your page castelluccichiropractic.com. I noticed you h ... show more (From [email protected]) Hi, I visited your page castelluccichiropractic.com. I noticed you have fewer reviews than your competitors. We offer a free review software to get systematically reviews from your own clients. We also filter bad reviews and protect your reputation. no creditcard no costs explainervideo of 2 minutes here: https://www.loom.com/share/1a014edd2f7948788694adae8fda40d6 If you do not want to receive further emails just send us "unsubscribe" to the following emailadress: [email protected] show less	Phishing Web Spam
Anonymous	2025-10-17 02:55:02 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.29.193.22

🇩🇪 178.16.52.15

🇫🇷 151.80.77.244

🇨🇦 99.209.226.114

🇧🇬 79.124.62.230

🇬🇧 35.203.211.93

🇺🇸 2607:f8b0:4003:c1c::12a

🇺🇸 195.184.76.119

🇺🇸 172.236.228.198

🇫🇷 167.86.121.13

🇺🇸 165.245.166.245

🇺🇸 100.50.17.159

🇵🇹 85.244.8.67

🇱🇹 81.30.98.49

🇨🇳 58.47.120.129

🇬🇧 31.14.254.51

🇦🇿 5.191.105.68

🇦🇪 5.38.1.181

🇬🇧 193.176.29.4

🇩🇪 176.65.132.24