JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.245.242.13

104.245.242.13 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 3%: ?

ISP	VitalKey
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	vitalkey.io
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.245.242.13

Whois 104.245.242.13

IP Abuse Reports for 104.245.242.13:

This IP address has been reported a total of 13 times from 7 distinct sources. 104.245.242.13 was first reported on January 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 19:54:54 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.245.242.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.245.242.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:54:36.165386 2026] [security2:error] [pid 25088:tid 25088] [client 104.245.242.13:35243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csm-dtc.com"] [uri "/wp-config.php.copy"] [unique_id "aihvfCqoEo9MGBTYH5H7WQAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-03-26 18:00:28 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-03-24 04:31:59 (2 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Chrome/ ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Chrome/92.2 Safari/532.52 Action: managed_challenge Source: firewallManaged ASN Description: GTS-AS Country: SE Method: POST Timestamp: 2026-03-24T04:31:59Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-03-22 01:49:05 (2 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:146.0) Gecko/20100101 Firefox/146.0 Action: managed_challenge Source: firewallManaged ASN Description: GTS-AS Country: SE Method: POST Timestamp: 2026-03-22T01:49:05Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 MusicLibrary	2026-03-21 12:14:45 (2 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2026-03-20 15:54:36 (2 months ago)	XML RPC Scan Activities: "2026-03-20T22:54:36.623+07:00" "/xmlrpc.php" "104.245.242.13" "Chrome/96.6 ... show more XML RPC Scan Activities: "2026-03-20T22:54:36.623+07:00" "/xmlrpc.php" "104.245.242.13" "Chrome/96.6 Safari/536.56" show less	Web App Attack Brute-Force
🇪🇸 el-brujo	2026-03-19 10:02:00 (2 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: AppleWe ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: AppleWebKit/536.36 (KHTML, like Gecko111) Action: managed_challenge Source: firewallManaged ASN Description: GTS-AS Country: SE Method: GET Timestamp: 2026-03-19T10:02:00Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-03-16 12:09:33 (3 months ago)	XML RPC Scan Activities: "2026-03-16T19:09:33.695+07:00" "/xmlrpc.php" "104.245.242.13" "AppleWebKit ... show more XML RPC Scan Activities: "2026-03-16T19:09:33.695+07:00" "/xmlrpc.php" "104.245.242.13" "AppleWebKit/537.37 (KHTML, like Gecko111)" show less	Web App Attack Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2026-03-15 17:25:56 (3 months ago)	XML RPC Scan Activities: "2026-03-16T00:25:56.208+07:00" "/xmlrpc.php" "104.245.242.13" "Chrome/96.6 ... show more XML RPC Scan Activities: "2026-03-16T00:25:56.208+07:00" "/xmlrpc.php" "104.245.242.13" "Chrome/96.6 Safari/536.56" show less	Web App Attack Brute-Force
🇧🇪 voormedia	2026-03-14 13:20:13 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇩🇪 MusicLibrary	2026-03-09 12:35:55 (3 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-05 19:39:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.245.242.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.245.242.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 14:39:25.690996 2026] [security2:error] [pid 4821:tid 4821] [client 104.245.242.13:26935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csm-dtc.com"] [uri "/wp-config.php.copy"] [unique_id "aanb7aqt9rby0NMYJ1-FQQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-04 22:30:46 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 117.247.23.131

🇫🇷 85.217.140.30

🇩🇪 69.5.169.161

🇨🇳 60.164.192.161

🇨🇳 221.12.37.6

🇨🇳 218.8.139.114

🇲🇽 187.191.48.4

🇨🇳 120.228.140.157

🇨🇳 101.96.203.52

🇷🇴 94.156.152.234

🇩🇪 69.5.169.50

🇸🇬 47.128.61.190

🇸🇪 44.5.169.39

🇷🇺 5.167.64.166

🇷🇺 188.143.233.192

🇺🇸 172.202.118.67

🇺🇸 155.117.47.133

🇮🇶 151.236.165.185

🇫🇷 91.231.89.77

🇨🇱 45.181.120.160