JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.234.53.25

104.234.53.25 was found in our database!

This IP was reported 258 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities NA LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	iana.org
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.234.53.25

Whois 104.234.53.25

IP Abuse Reports for 104.234.53.25:

This IP address has been reported a total of 258 times from 114 distinct sources. 104.234.53.25 was first reported on July 5th 2023, and the most recent report was 24 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-04-09 03:57:28 (2 years ago)	104.234.53.25 - - [09/Apr/2024:05:57:25 +0200] "GET /c.php HTTP/1.1" 404 3340 "http://elomix.de/c.ph ... show more 104.234.53.25 - - [09/Apr/2024:05:57:25 +0200] "GET /c.php HTTP/1.1" 404 3340 "http://elomix.de/c.php" "Go-http-client/1.1" 104.234.53.25 - - [09/Apr/2024:05:57:26 +0200] "GET /wp-content/upgrade/edit.php HTTP/1.1" 404 253 "http://elomix.de/wp-content/upgrade/edit.php" "Go-http-client/1.1" 104.234.53.25 - - [09/Apr/2024:05:57:26 +0200] "GET /ioxi02.php HTTP/1.1" 404 253 "http://elomix.de/ioxi02.php" "Go-http-client/1.1" 104.234.53.25 - - [09/Apr/2024:05:57:27 +0200] "GET /wp-content/plugins/core-plugin/nxd.php HTTP/1.1" 404 1296 "http://elomix.de/wp-content/plugins/core-plugin/nxd.php" "Go-http-client/1.1" ... show less	Hacking Bad Web Bot
🇳🇱 mawan	2024-04-09 02:43:50 (2 years ago)	Suspected of having performed illicit activity on AMS server.	Web App Attack
🇪🇸 10dencehispahard SL	2024-04-05 01:00:40 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇩🇪 uhlhosting	2024-04-04 07:25:46 (2 years ago)	im-corona.ch 104.234.53.25 - - [04/Apr/2024:09:25:45.161494 +0200] "GET //.well-known/inc/inc.php HT ... show more im-corona.ch 104.234.53.25 - - [04/Apr/2024:09:25:45.161494 +0200] "GET //.well-known/inc/inc.php HTTP/1.1" 403 199 "-" "-" Zg5V-VJYEVQhHbYoWoDwrQAAAIw "-" /apache/20240404/20240404-0925/20240404-092545-Zg5V-VJYEVQhHbYoWoDwrQAAAIw 0 1038 md5:d35245a408d17ad085aff7b3bbfa0533 im-corona.ch 104.234.53.25 - - [04/Apr/2024:09:25:45.351685 +0200] "GET //.well-known/plugins.php HTTP/1.1" 403 199 "-" "-" Zg5V-VJYEVQhHbYoWoDwrgAAAI4 "-" /apache/20240404/20240404-0925/20240404-092545-Zg5V-VJYEVQhHbYoWoDwrgAAAI4 0 1038 md5:947c27df4eb2181af7d674b239c838e9 im-corona.ch 104.234.53.25 - - [04/Apr/2024:09:25:45.539815 +0200] "GET //.well-known/radio.php HTTP/1.1" 403 199 "-" "-" Zg5V-VJYEVQhHbYoWoDwrwAAAI8 "-" /apache/20240404/20240404-0925/20240404-092545-Zg5V-VJYEVQhHbYoWoDwrwAAAI8 0 1036 md5:5aed1254bf15548c026378253e368a79 im-corona.ch 104.234.53.25 - - [04/Apr/2024:09:25:45.727644 +0200] "GET //.well-known/pki-validation/sts.php HTTP/1.1" 403 199 "-" "-" Zg5V-VJYEVQhHbYoWoDwsAAAAIc "-" /apache ... show less	DDoS Attack Brute-Force
🇨🇦 ISPLtd	2024-04-03 16:27:14 (2 years ago)	104.234.53.25 - - [03/Apr/2024:13:26:37 -0300] "GET //wp-includes/Requests/network.php ...	Hacking Web App Attack
🇺🇸 ChamberofCommerce.com	2024-03-22 16:06:55 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇦🇺 MAGIC	2024-03-20 07:03:40 (2 years ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2024-03-20 01:16:35 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 ph	2024-03-06 05:32:57 (2 years ago)	Bad web bot attempting to run wp-includes on non-WP site	Hacking Bad Web Bot Web App Attack
🇺🇸 physke	2024-03-05 20:23:57 (2 years ago)	REQUESTED PAGE: /fm1.php	Web App Attack
🇩🇪 Bedios GmbH	2024-03-01 19:38:08 (2 years ago)	Wordpress hacking attempt	Web App Attack
🇪🇸 10dencehispahard SL	2024-03-01 16:00:22 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇨🇭 Danny-CH	2024-02-15 09:37:00 (2 years ago)	port scans	Port Scan
🇺🇸 TPI-Abuse	2024-02-15 07:47:42 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.234.53.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.234.53.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 02:47:23.000521 2024] [security2:error] [pid 30085] [client 104.234.53.25:7571] [client 104.234.53.25] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyrankin.com"] [uri "/.env"] [unique_id "Zc3Bi8MahROOxXMON43pFwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-15 05:11:23 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.234.53.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.234.53.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 00:09:19.696324 2024] [security2:error] [pid 22823] [client 104.234.53.25:6161] [client 104.234.53.25] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gizagardens.crestonecolorado.com"] [uri "/.env"] [unique_id "Zc2cf8_hDazLz2WAXuCNQAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 226 to 240 of 258 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.75.16.140

🇨🇳 106.32.106.29

🇺🇸 68.220.171.40

🇰🇷 222.107.156.227

🇧🇷 205.210.31.239

🇬🇧 193.163.125.76

🇵🇭 136.158.29.11

🇸🇬 103.250.11.63

🇮🇩 103.157.63.19

🇷🇴 103.75.71.17

🇨🇳 101.126.14.37

🇺🇸 65.49.1.173

🇵🇭 49.146.37.163

🇦🇷 190.181.101.224

🇺🇸 188.215.125.52

🇮🇶 185.244.152.239

🇳🇱 160.119.76.43

🇺🇸 147.185.132.87

🇺🇸 138.0.240.206

🇰🇷 112.216.129.27