JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.209.11.210

104.209.11.210 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 99%: ?

99%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.209.11.210

Whois 104.209.11.210

IP Abuse Reports for 104.209.11.210:

This IP address has been reported a total of 56 times from 35 distinct sources. 104.209.11.210 was first reported on July 21st 2025, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-04 12:05:08 (34 minutes ago)	GET /config/database.yml HTTP/1.1 GET /backup.sql HTTP/1.1 GET /.env HTTP/1.1 GET /server-status HTT ... show more GET /config/database.yml HTTP/1.1 GET /backup.sql HTTP/1.1 GET /.env HTTP/1.1 GET /server-status HTTP/1.1 GET /.env.backup HTTP/1.1 GET /.env.local HTTP/1.1 GET /app/config/parameters.yml HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /.htpasswd HTTP/1.1 GET /.DS_Store HTTP/1.1 GET /.git/config HTTP/1.1 GET /wp-config.php HTTP/1.1 GET /.env.save HTTP/1.1 GET /actuator/env HTTP/1.1 show less	Hacking Bad Web Bot Web App Attack
🇺🇸 gu-alvareza	2026-06-03 07:05:24 (1 day ago)	HTPasswd.Access	Brute-Force
Anonymous	2026-06-03 06:40:09 (1 day ago)	Repeated unauthorized connection attempts to restricted service observed.	Port Scan Hacking Bad Web Bot
🇵🇱 nfsec.pl	2026-06-03 06:37:23 (1 day ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇩🇪 joharikop	2026-06-03 06:24:33 (1 day ago)	Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ... show more Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail. show less	Web App Attack
Anonymous	2026-06-03 06:07:27 (1 day ago)	PROTO=TCP DPT=2082	Port Scan Hacking
Anonymous	2026-06-03 06:03:54 (1 day ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 05:29:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 104.209.11.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.209.11.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:29:19.149700 2026] [security2:error] [pid 30738:tid 30738] [client 104.209.11.210:27978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.194"] [uri "/.git/HEAD"] [unique_id "ah-7r0dDyKuRBddBHecriAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 femboy.cat	2026-06-03 05:16:45 (1 day ago)	Port scan to tcp/2087 from 104.209.11.210	Brute-Force
🇦🇺 FireGuard Server	2026-06-02 22:40:03 (1 day ago)	Blocked by OPNsense firewall; 12 hits, proto=tcp, ports=2082,2083,2086,2087,8080,8443	Port Scan Hacking
🇺🇸 kelliwic.net	2026-06-02 21:39:00 (1 day ago)	Port scan detected (F2B)	Port Scan
🇺🇸 sumnone	2026-06-02 20:42:54 (1 day ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
Anonymous	2026-06-02 20:18:27 (1 day ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇩🇪 Roper123	2026-06-02 18:28:15 (1 day ago)	Web exploits	Web App Attack
Anonymous	2026-06-02 17:38:24 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.237

🇫🇷 144.91.91.231

🇬🇧 217.146.80.102

🇰🇷 211.253.10.61

🇸🇾 193.43.145.66

🇯🇵 168.138.197.172

🇭🇰 152.32.226.102

🇮🇩 103.143.12.163

🇺🇸 91.230.168.124

🇧🇬 89.106.123.142

🇺🇸 84.32.131.217

🇸🇬 43.156.136.152

🇬🇧 35.203.210.64

🇰🇷 8.213.137.21

🇺🇸 209.85.210.68

🇺🇸 172.96.182.111

🇸🇬 165.154.205.91

🇮🇳 125.17.233.246

🇺🇸 107.167.34.125

🇺🇸 88.216.73.14