JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.197.247.238

104.197.247.238 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 47%: ?

47%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	238.247.197.104.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.197.247.238

Whois 104.197.247.238

IP Abuse Reports for 104.197.247.238:

This IP address has been reported a total of 24 times from 11 distinct sources. 104.197.247.238 was first reported on June 8th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-06-10 18:52:50 (2 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -91.05275 (Bad < -10 / Very Bad < -2 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -91.05275 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0 Safari/537.36 show less	Web App Attack Bad Web Bot
🇫🇷 masterguru	2026-06-10 08:04:19 (2 weeks ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.197.247.238 (US/United States/238.247.197. ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.197.247.238 (US/United States/238.247.197.104.bc.googleusercontent.com): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 mnsf	2026-06-10 01:05:54 (2 weeks ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇷🇺 DZBOT	2026-06-09 23:31:53 (2 weeks ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-09 22:01:49 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇨🇭 TheCoon	2026-06-09 19:45:01 (2 weeks ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇳🇱 homeshowdomain.nl	2026-06-08 22:09:17 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-08 19:31:36 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:31:32.603006 2026] [security2:error] [pid 16588:tid 16604] [client 104.197.247.238:38556] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.seanmeriwether.com"] [uri "/.git/config"] [unique_id "aicYlLuxGeZai4rLnfGT-gAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 19:13:51 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:13:46.135233 2026] [security2:error] [pid 25585:tid 25585] [client 104.197.247.238:34628] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "azcrittergetter.com"] [uri "/.git/config"] [unique_id "aicUak3QMZdGycX70wCNzQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-08 17:22:43 (2 weeks ago)	Try to access /.git/config	Web App Attack
Anonymous	2026-06-08 17:19:02 (2 weeks ago)	104.197.247.238 - - [09/Jun/2026:01:19:02 +0800] "GET /.git/config HTTP/1.1" 301 236 "-" "Mozilla/5. ... show more 104.197.247.238 - - [09/Jun/2026:01:19:02 +0800] "GET /.git/config HTTP/1.1" 301 236 "-" "Mozilla/5.0 (compatible; Konqueror/4.5; FreeBSD) KHTML/4.5.4 (like Gecko)" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 16:17:31 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 12:17:24.375374 2026] [security2:error] [pid 11011:tid 11011] [client 104.197.247.238:44058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ticmatopografiaeingenieria.com.spyasociados.com"] [uri "/.git/config"] [unique_id "aibrFEXBe4ObpQbExrHlpwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 13:35:12 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:35:04.864534 2026] [security2:error] [pid 18536:tid 18536] [client 104.197.247.238:55202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.track.mailperform.com"] [uri "/.git/config"] [unique_id "aibFCEKtXgV9rYx1MYX6VwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:54:41 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.197.247.238 (238.247.197.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:54:34.223647 2026] [security2:error] [pid 26105:tid 26105] [client 104.197.247.238:42384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nutandboltguy.com"] [uri "/.git/config"] [unique_id "aia7ijaGxKlwvJYtEGjQwAAAAGY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-08 11:05:28 (2 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 36.137.49.71

🇬🇧 217.154.38.181

🇧🇪 198.235.24.141

🇮🇳 143.110.182.33

🇰🇷 58.65.73.22

🇮🇳 20.244.90.19

🇺🇸 17.241.75.61

🇧🇷 153.67.110.87

🇨🇳 110.52.234.87

🇳🇱 91.92.40.233

🇫🇷 85.217.140.2

🇫🇷 38.242.143.220

🇨🇦 20.63.103.145

🇧🇷 201.17.133.138

🇧🇷 177.223.120.204

🇧🇷 177.11.247.162

🇳🇱 176.65.148.4

🇨🇳 171.38.219.177

🇺🇸 103.143.238.100

🇱🇹 62.60.130.219