JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.67

104.167.25.67 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.67

Whois 104.167.25.67

IP Abuse Reports for 104.167.25.67:

This IP address has been reported a total of 37 times from 16 distinct sources. 104.167.25.67 was first reported on October 29th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-12 06:12:40 (1 month ago)	Sensitive file access attempt	Hacking
Anonymous	2026-04-12 05:41:05 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-03-29 05:41:16 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-03-05 09:09:12 (3 months ago)	Forum/form spam	Web Spam
🇬🇧 myintarweb	2026-02-10 02:53:04 (3 months ago)	104.167.25.67 - - [10/Feb/2026:02:53:03 +0000] 80 "GET /.env.production HTTP/1.1" 301 1655 "-" "Mozi ... show more 104.167.25.67 - - [10/Feb/2026:02:53:03 +0000] 80 "GET /.env.production HTTP/1.1" 301 1655 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:02 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:41:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:40:56.178075 2025] [security2:error] [pid 17538:tid 17538] [client 104.167.25.67:32733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atomicmc.com"] [uri "/.git/HEAD"] [unique_id "aSQMCDRRHanWAmO6LSJlGgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 07:18:24 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:04:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:04:35.543547 2025] [security2:error] [pid 5680:tid 5680] [client 104.167.25.67:55503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bowdens-landingcom.draindoctor.us"] [uri "/.git/HEAD"] [unique_id "aSP1c3SoFxo8N2tDUap46AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:42.408586 2025] [security2:error] [pid 15036:tid 15036] [client 104.167.25.67:53299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.assistfeed.com"] [uri "/.git/HEAD"] [unique_id "aSPrZmuiHCnSsYabGQKwmAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:17:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:17:41.432589 2025] [security2:error] [pid 3965259:tid 3965348] [client 104.167.25.67:42035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.adultbaja.com"] [uri "/.env"] [unique_id "aSPcZcHsvdKIeQe-cM_4OwAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:21:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:20:47.552984 2025] [security2:error] [pid 3225238:tid 3225238] [client 104.167.25.67:45977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.croixlac.com"] [uri "/.git/HEAD"] [unique_id "aSPPD12mTV95ABMEDk-NMQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2025-11-22 21:06:28 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-16 19:29:05 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 15:38:40 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.87

🇹🇷 188.59.178.25

🇻🇳 171.237.178.82

🇺🇸 118.193.77.12

🇸🇬 104.233.37.63

🇷🇴 92.118.39.236

🇳🇱 45.148.10.157

🇬🇧 35.203.210.226

🇹🇷 31.40.204.124

🇺🇸 3.222.225.8

🇷🇺 188.43.204.45

🇨🇳 180.138.194.82

🇵🇰 153.117.13.22

🇮🇳 139.59.30.229

🇨🇳 120.34.139.78

🇫🇷 93.114.73.146

🇺🇸 66.132.224.25

🇬🇧 62.60.130.182

🇺🇸 216.25.89.122

🇺🇸 205.169.39.50