JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.244.78.232

104.244.78.232 was found in our database!

This IP was reported 110 times. Confidence of Abuse is 59%: ?

59%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	BuyVM
Usage Type	Data Center/Web Hosting/Transit
ASN	AS53667
Domain Name	frantech.ca
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.244.78.232

Whois 104.244.78.232

IP Abuse Reports for 104.244.78.232:

This IP address has been reported a total of 110 times from 50 distinct sources. 104.244.78.232 was first reported on October 28th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-02 19:30:55 (2 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC LU/Luxembourg/-	Web App Attack
🇫🇷 ✨	2026-06-02 00:37:12 (3 days ago)	Rule : PLESK BOT 2026-06-02 02:36:00 Unauthorized login attempt to Plesk Panel from IP 104.244.78.23 ... show more Rule : PLESK BOT 2026-06-02 02:36:00 Unauthorized login attempt to Plesk Panel from IP 104.244.78.232 with username admin show less	Hacking Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-01 01:31:43 (4 days ago)	544 limiting connections by zone (1h39m59s)	DDoS Attack
🇩🇪 IVski	2026-05-30 07:03:39 (6 days ago)	IVski WAF \| Suspicious activity detected - generic bot or scanner pattern	Port Scan Brute-Force Web App Attack
🇩🇪 grassau.com	2026-05-27 22:22:08 (1 week ago)	(plesk-panel) Failed plesk-panel login with username [redacted] from 104.244.78.232 (CH/Switzerland/ ... show more (plesk-panel) Failed plesk-panel login with username [redacted] from 104.244.78.232 (CH/Switzerland/-/-/-) show less	Brute-Force
🇩🇪 LRob.fr	2026-05-27 14:45:23 (1 week ago)	Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ... show more Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail show less	Brute-Force Web App Attack
🇮🇩 David Koswari	2026-05-22 05:34:00 (2 weeks ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇧🇷 ICS Labs	2026-05-21 15:11:14 (2 weeks ago)	ICS Labs identified 104.244.78.232 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-05-16 05:12:50 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 104.244.78.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 104.244.78.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 01:12:44.536792 2026] [security2:error] [pid 6029:tid 6048] [client 104.244.78.232:50600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.cspmedia.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cspmedia.com"] [uri "/digital_electronic_court_reporting.shtml"] [unique_id "agf8zF4G5SnD2KDx1_BKRQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-05-07 00:02:27 (4 weeks ago)	Form spam	Web Spam
Anonymous	2026-05-06 01:01:04 (4 weeks ago)	2026-05-05 19:00:02,863 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 2026-05- ... show more 2026-05-05 19:00:02,863 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 2026-05-05 21:00:06,189 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 2026-05-06 00:00:04,165 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 2026-05-06 02:00:16,872 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 2026-05-06 04:01:03,416 fail2ban.actions [3625835]: NOTICE [tor] Ban 104.244.78.232 show less	Brute-Force
🇪🇸 gnom4ik	2026-05-02 20:46:56 (1 month ago)	ban-reviewer auto report; ip=104.244.78.232; scenario=http:scan; verdict=valid_ban; confidence=0.92; ... show more ban-reviewer auto report; ip=104.244.78.232; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH
Anonymous	2026-05-01 05:18:53 (1 month ago)		Web Spam
🇺🇸 TPI-Abuse	2026-04-26 15:35:31 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.244.78.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.244.78.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 11:35:26.022063 2026] [security2:error] [pid 22935:tid 22935] [client 104.244.78.232:52266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.13waggoners.com"] [uri "/.git/config"] [unique_id "ae4wvnN9r5GisUMQRHtfnAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-24 21:00:06 (1 month ago)	2026-04-24 12:00:02,671 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 2026-04-24 ... show more 2026-04-24 12:00:02,671 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 2026-04-24 15:00:02,345 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 2026-04-24 18:00:03,040 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 2026-04-24 21:00:10,516 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 2026-04-25 00:00:03,439 fail2ban.actions [7718]: NOTICE [tor] Ban 104.244.78.232 show less	Brute-Force

Showing 1 to 15 of 110 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.129

🇩🇪 136.243.145.181

🇨🇳 120.48.199.28

🇮🇳 103.216.145.2

🇳🇱 45.148.10.183

🇨🇭 40.107.168.106

🇮🇷 193.151.140.91

🇮🇳 103.155.212.70

🇲🇰 95.86.44.228

🇰🇿 95.58.192.130

🇧🇷 45.233.218.160

🇧🇪 34.62.33.0

🇬🇧 2a06:4880:6000::

🇫🇷 143.244.57.118

🇫🇷 92.103.134.183

🇷🇺 77.79.168.18

🇰🇷 59.16.212.232

🇳🇱 45.156.128.171

🇳🇱 45.148.10.157

🇻🇳 14.191.226.175