JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.238.49.8

104.238.49.8 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62874
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.238.49.8

Whois 104.238.49.8

IP Abuse Reports for 104.238.49.8:

This IP address has been reported a total of 9 times from 4 distinct sources. 104.238.49.8 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 03:46:36 (4 months ago)	(mod_security) mod_security (id:248270) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:248270) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:46:31.330744 2026] [security2:error] [pid 8337:tid 8372] [client 104.238.49.8:54175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at REQUEST_HEADERS:X-Api-Version. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kettlehill.net"] [uri "/"] [unique_id "aXg1FxP1Z_TsLhhnVNfyywAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 05:37:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:37:19.631292 2026] [security2:error] [pid 27903:tid 27903] [client 104.238.49.8:55621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.www"] [unique_id "aWsgD5mmsr2KZau9saZc-wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:36:15 (7 months ago)	phpunit Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇺🇸 TPI-Abuse	2025-07-26 23:57:52 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:56:11.951562 2025] [security2:error] [pid 24711:tid 24807] [client 104.238.49.8:57369] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/cgi-bin/status/status.cgi"] [unique_id "aIVrG09KbRWH4kEYJ4z0hQAAAMo"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 01:40:01 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.238.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 21:39:53.702123 2025] [security2:error] [pid 3921364:tid 3921364] [client 104.238.49.8:60447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.farmers123"] [unique_id "aDkMaeu1EnuVMV3LbDtYqgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-04 18:30:01 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-05 21:44:34 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 06:50:42 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 21:31:01 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 34.48.120.33

🇱🇻 212.3.197.12

🇳🇱 178.62.213.188

🇳🇱 91.92.243.20

🇩🇪 78.111.67.242

🇫🇮 46.62.225.25

🇨🇱 34.176.79.8

🇭🇰 154.198.42.71

🇮🇳 103.69.200.225

🇦🇷 45.184.229.84

🇳🇱 45.86.200.4

🇺🇸 2604:a940:300:5b6:0:29::

🇰🇷 220.86.176.134

🇮🇳 172.232.121.109

🇭🇰 139.198.113.29

🇨🇳 124.234.198.184

🇰🇷 101.36.114.124

🇳🇱 64.89.162.49

🇧🇷 45.205.1.5

🇮🇩 34.50.114.154