JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.245.240.26

104.245.240.26 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 25%: ?

25%

ISP	VitalKey
Usage Type	Fixed Line ISP
ASN	AS213954
Domain Name	vitalkey.io
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.245.240.26

Whois 104.245.240.26

IP Abuse Reports for 104.245.240.26:

This IP address has been reported a total of 13 times from 5 distinct sources. 104.245.240.26 was first reported on February 21st 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-05-29 05:52:37 (1 week ago)	Kingcopy(AI-IDS):IP is Probing for Multiple vulnerabilities WTF:Banned	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-21 22:26:35 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 18:26:29.438990 2026] [security2:error] [pid 7808:tid 7808] [client 104.245.240.26:22007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drdot.xyz"] [uri "/wp-config.php.orig"] [unique_id "ag-GlS6NeinrwgCS5nC2ZAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:01:36 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:01:01.640296 2026] [security2:error] [pid 10504:tid 10504] [client 104.245.240.26:32771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.weightlossover50.customdesignsbybjp.com"] [uri "/wp-config.php.save"] [unique_id "ag4hDQBogmE4MDM6tt1dUAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:30:38 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:30:31.696228 2026] [security2:error] [pid 2006:tid 2009] [client 104.245.240.26:60037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "miraclebrow.com"] [uri "/wp-config.txt"] [unique_id "ag3hp7ivRSlOQEQkq_kRlgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-17 14:55:38 (2 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇩🇪 LRob.fr	2026-05-01 01:00:05 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇨🇭 backslash	2026-04-19 05:15:09 (1 month ago)		Bad Web Bot
🇩🇪 LRob.fr	2026-04-16 22:00:03 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 masterguru	2026-04-14 23:31:21 (1 month ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)	Hacking
🇺🇸 TPI-Abuse	2026-02-28 07:00:46 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 02:00:39.376565 2026] [security2:error] [pid 32660:tid 32660] [client 104.245.240.26:51357] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|unionega.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "unionega.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaKSl2cRdg7aJfEpyH5dtQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-28 03:25:56 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 22:25:49.974286 2026] [security2:error] [pid 323:tid 335] [client 104.245.240.26:16841] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|teritemme.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "teritemme.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaJgPevHLHubX5whtijAbQAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 08:18:57 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 03:18:50.760817 2026] [security2:error] [pid 21057:tid 21057] [client 104.245.240.26:31093] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kh6jim.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kh6jim.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZlqanUqZZ66TevlW7vpqQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 03:05:59 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.245.240.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 22:05:50.944893 2026] [security2:error] [pid 1154:tid 1154] [client 104.245.240.26:26391] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|renjunews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZkhDq9iDgFfBV3zUGSpSAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a940:301:225:0:11::

🇺🇸 207.90.244.4

🇬🇧 89.37.172.137

🇩🇪 80.239.186.117

🇧🇷 45.205.1.62

🇰🇷 220.124.221.144

🇺🇸 162.216.150.138

🇨🇳 120.229.67.98

🇮🇳 110.225.255.179

🇮🇩 103.156.16.199

🇺🇸 73.0.235.30

🇹🇭 49.49.139.81

🇳🇱 45.148.10.206

🇭🇰 45.142.154.87

🇩🇪 43.228.157.10

🇬🇧 37.156.65.84

🇰🇬 212.241.13.74

🇲🇽 187.154.100.150

🇰🇷 112.162.111.205

🇲🇲 103.83.189.133