JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.239.242.103

172.239.242.103 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 68%: ?

68%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	172-239-242-103.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.239.242.103

Whois 172.239.242.103

IP Abuse Reports for 172.239.242.103:

This IP address has been reported a total of 16 times from 12 distinct sources. 172.239.242.103 was first reported on June 8th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 taivas.nl	2026-06-14 04:32:53 (1 day ago)	Many_bad_calls	Web App Attack
🇱🇹 SaturdayNightLive	2026-06-14 00:03:55 (1 day ago)	Port scan on 32789	Port Scan Hacking
🇺🇸 xmission.com	2026-06-13 16:44:39 (1 day ago)	Blocked by UFW (TCP on 38667) Source port: 53516 TTL: 44 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 38667) Source port: 53516 TTL: 44 Packet length: 60 TOS: 0x08 This report (for 172.239.242.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 strefapi_com	2026-06-13 08:24:13 (1 day ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇺🇸 xmission.com	2026-06-13 04:10:19 (2 days ago)	Blocked by UFW (TCP on 38667) Source port: 53390 TTL: 42 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 38667) Source port: 53390 TTL: 42 Packet length: 60 TOS: 0x08 This report (for 172.239.242.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 BlueWire Hosting	2026-06-12 15:08:36 (2 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 xmission.com	2026-06-12 13:31:59 (2 days ago)	Blocked by UFW (TCP on 6969) Source port: 59442 TTL: 45 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 6969) Source port: 59442 TTL: 45 Packet length: 60 TOS: 0x08 This report (for 172.239.242.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-11 22:26:28 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 172.239.242.103 (172-239-242-103.ip.linodeuserc ... show more (mod_security) mod_security (id:210492) triggered by 172.239.242.103 (172-239-242-103.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:26:22.866267 2026] [security2:error] [pid 19393:tid 19393] [client 172.239.242.103:48132] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "picklebillystayandplay.com"] [uri "/.git/config"] [unique_id "ais2DsB_r_vL4klM12sycQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-06-11 08:21:07 (3 days ago)	block ruleset 1E8A9918B1655D0828F2EEF05553DD2681055C9A	Web Spam
🇩🇪 spam.must.die	2026-06-11 03:35:17 (4 days ago)	IP triggered category <category>	Web App Attack
🇩🇪 psauxit	2026-06-10 19:08:53 (4 days ago)	Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping	Bad Web Bot Web App Attack Hacking Web Spam
🇺🇸 TPI-Abuse	2026-06-10 17:14:58 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.239.242.103 (172-239-242-103.ip.linodeuserc ... show more (mod_security) mod_security (id:210492) triggered by 172.239.242.103 (172-239-242-103.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:14:53.436614 2026] [security2:error] [pid 26705:tid 26705] [client 172.239.242.103:52298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pianissimo-pp.com"] [uri "/.git/config"] [unique_id "aimbjc8CO1MAgSJhSfxaEQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-10 08:03:53 (4 days ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:15:08 (5 days ago)	(mod_security) mod_security (id:210801) triggered by 172.239.242.103 (172-239-242-103.ip.linodeuserc ... show more (mod_security) mod_security (id:210801) triggered by 172.239.242.103 (172-239-242-103.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:15:00.427323 2026] [security2:error] [pid 19794:tid 19794] [client 172.239.242.103:48628] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "nessus" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|\|F\|2"] [data "nessus"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "web179.dnchosting.com"] [uri "/api/sonicos/is-sslvpn-enabled"] [unique_id "aijIpMf8gjjoGr2nY9dKwAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-10 00:17:39 (5 days ago)	Abuse Detected (1)	Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 175.19.54.10

🇺🇸 173.9.9.142

🇵🇹 149.90.0.54

🇳🇿 121.73.162.77

🇹🇼 111.70.23.222

🇱🇾 102.203.197.6

🇺🇸 72.24.210.58

🇮🇳 59.97.94.239

🇺🇸 50.48.61.39

🇭🇰 23.249.28.115

🇨🇳 14.103.107.221

🇰🇷 222.116.47.157

🇲🇽 186.96.151.198

🇳🇱 172.235.168.35

🇩🇪 130.12.180.174

🇰🇷 112.184.21.155

🇺🇸 108.190.201.155

🇺🇸 92.118.57.209

🇨🇦 85.217.149.10

🇷🇺 81.13.62.77