JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.199.11.242

104.199.11.242 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	242.11.199.104.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.199.11.242

Whois 104.199.11.242

IP Abuse Reports for 104.199.11.242:

This IP address has been reported a total of 27 times from 25 distinct sources. 104.199.11.242 was first reported on June 24th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Alfafoxtrot	2026-06-25 06:26:28 (3 hours ago)	Reason: suspicious \| src-ip: 104.199.11.242 \| dport=80 \| Protoc.=TCP \| Inc. 2d: 1	Hacking
🇨🇭 Kepler-1649c	2026-06-24 10:05:16 (23 hours ago)	Detected Attack: Nmap.Script.Scanner	Hacking
🇨🇿 Countryman	2026-06-24 07:31:51 (1 day ago)	IPS detection: Nmap.Script.Scanner	Port Scan
🇫🇷 pm33	2026-06-24 07:26:26 (1 day ago)	Unsolicited connection attempts or aggressive port scan.	Port Scan
🇩🇪 nidaren	2026-06-24 07:26:24 (1 day ago)	104.199.11.242 - - [24/Jun/2026:09:26:23 +0200] "\x16\x03\x00\x00i\x01\x00\x00e\x03\x03U\x1C\xA7\xE4 ... show more 104.199.11.242 - - [24/Jun/2026:09:26:23 +0200] "\x16\x03\x00\x00i\x01\x00\x00e\x03\x03U\x1C\xA7\xE4random1random2random3random4\x00\x00\x0C\x00/\x00" 400 150 "-" "-" ... show less	Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2026-06-24 07:11:09 (1 day ago)	Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ... show more Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx show less	Hacking Brute-Force SSH
🇺🇸 gu-alvareza	2026-06-24 07:05:42 (1 day ago)	Java.Debug.Wire.Protocol.Insecure.Configuration	Hacking
🇺🇸 Starburst SysOp Team	2026-06-24 06:55:41 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
🇳🇴 Bots.go.to.hell	2026-06-24 06:04:14 (1 day ago)	This IP was detected by CrowdSec triggering custom/ip-honeypot	Web App Attack Bad Web Bot
🇺🇸 itsnixk	2026-06-24 05:58:36 (1 day ago)	(mod_security) mod_security (id:920350) triggered by 104.199.11.242 (BE/Belgium/242.11.199.104.bc.go ... show more (mod_security) mod_security (id:920350) triggered by 104.199.11.242 (BE/Belgium/242.11.199.104.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 01:58:34.488057 2026] [security2:error] [pid 796054:tid 796516] [client 104.199.11.242:6802] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "ajtyCho9s0Z_TAzgvB03IwAAAFs"] show less	Port Scan
🇩🇪 0x44	2026-06-24 05:42:26 (1 day ago)	Abusive host detected - Web probing for vulnerabilities	Web App Attack Hacking
🇺🇸 RogueAutomata	2026-06-24 05:42:12 (1 day ago)	Detected malicious request: GET / Detections triggered: Access via IP addr (v4)	Web App Attack
🇩🇪 Ano_Nym	2026-06-24 05:41:08 (1 day ago)	CrowdSec IDS alert on VPS 85.215.198.123 (DE). Scenario: crowdsecurity/http-probing	Web App Attack
🇮🇩 PENJAGA.AUM	2026-06-24 05:35:47 (1 day ago)	104.199.11.242 - Attack: Possible XSS attack, script tag	Web App Attack SQL Injection Spoofing
🇺🇸 Hmorrin	2026-06-24 05:15:58 (1 day ago)		Port Scan

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 210.212.136.3

🇺🇸 195.184.76.217

🇧🇷 187.180.190.30

🇮🇩 163.7.16.11

🇭🇰 154.83.15.221

🇫🇷 91.231.89.244

🇫🇷 91.231.89.230

🇳🇱 81.19.216.94

🇱🇹 62.60.130.219

🇬🇧 2a05:d01c:8c7:6800:1375:67f7:32ec:ecdc

🇩🇪 209.50.180.47

🇭🇰 199.45.154.180

🇧🇷 129.121.50.86

🇮🇳 103.199.205.205

🇧🇬 87.246.54.153

🇸🇬 62.146.232.73

🇧🇷 45.205.1.247

🇧🇪 34.78.232.242

🇨🇦 16.54.211.142

🇹🇭 8.213.229.126