JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.167.25.95

104.167.25.95 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.167.25.95

Whois 104.167.25.95

IP Abuse Reports for 104.167.25.95:

This IP address has been reported a total of 24 times from 10 distinct sources. 104.167.25.95 was first reported on November 9th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-01 15:14:04 (3 days ago)	(y4) Failed scan -byebye- from 104.167.25.95 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-05-30 03:06:51 (5 days ago)	(y4) Failed scan -byebye- from 104.167.25.95 (US/United States/-): (CF_ENABLE)	Hacking
🇨🇭 TheCoon	2026-04-21 01:00:02 (1 month ago)	Automated: Gzip bomb download attempt	Web App Attack Hacking
🇦🇺 oncord	2026-02-20 17:09:18 (3 months ago)	Form spam	Web Spam
🇺🇸 oncord	2026-02-11 05:22:01 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-08 10:10:40 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-25 04:08:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:38.462609 2025] [security2:error] [pid 10223:tid 10223] [client 104.167.25.95:29873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.iworklife.org"] [uri "/.svn/wc.db"] [unique_id "aSUrxhjMtzBOlsntS5d_7gAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:09:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:09:35.851368 2025] [security2:error] [pid 14837:tid 14837] [client 104.167.25.95:33773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.charamand.com"] [uri "/.env"] [unique_id "aSUP37B8Tc46gWPzh8KTQwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:21:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:20:57.204921 2025] [security2:error] [pid 19488:tid 19488] [client 104.167.25.95:21305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.shawnlayne.com"] [uri "/.git/HEAD"] [unique_id "aSUEeQ2YVL0qnpfSZc-AXAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 23:59:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.167.25.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 18:59:29.854078 2025] [security2:error] [pid 17023:tid 17082] [client 104.167.25.95:31725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pwihatah.plumeraproductions.com"] [uri "/.git/HEAD"] [unique_id "aSTxYb1hG8E8_fObGRhOEQAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 07:44:12 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 10:38:11 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 02:19:31 (7 months ago)	GlobalProtect login attempts with user tammra.	VPN IP Brute-Force
Anonymous	2025-10-14 08:15:42 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force
🇧🇷 hostseries	2025-10-12 04:31:11 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 195.88.211.210

🇬🇧 193.163.125.89

🇫🇷 82.67.196.47

🇷🇸 77.105.37.220

🇺🇸 35.254.244.123

🇳🇱 2a0b:c140:aa::111

🇵🇰 103.74.20.182

🇺🇸 50.6.109.131

🇫🇮 147.185.133.9

🇱🇦 115.84.114.157

🇮🇳 103.180.213.153

🇩🇪 94.26.106.90

🇺🇸 72.14.147.205

🇧🇷 45.205.1.246

🇫🇷 185.252.235.113

🇨🇳 106.8.222.137

🇮🇳 103.180.212.135

🇧🇬 5.188.206.30

🇰🇷 211.247.127.250

🇮🇳 182.95.175.190