JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.239.53.211

104.239.53.211 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 18%: ?

18%

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS50304
Domain Name	fastplanet.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.239.53.211

Whois 104.239.53.211

IP Abuse Reports for 104.239.53.211:

This IP address has been reported a total of 12 times from 8 distinct sources. 104.239.53.211 was first reported on August 13th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇪 AutosOnShow	2026-06-23 02:33:05 (3 days ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-23 02:32:17.138 \|	Web App Attack
🇮🇪 AutosOnShow	2026-06-19 19:18:06 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-19 19:17:46.230 \|	Web App Attack
🇺🇸 mnsf	2026-06-07 21:05:11 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 Rayulcifer	2026-06-06 16:45:35 (2 weeks ago)	104.239.53.211 - - [06/Jun/2026:11:45:35 -0500] "GET /.env HTTP/1.1" 200 871 "-" "Mozilla/5.0 (Windo ... show more 104.239.53.211 - - [06/Jun/2026:11:45:35 -0500] "GET /.env HTTP/1.1" 200 871 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 mnsf	2026-06-04 13:06:42 (3 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
Anonymous	2026-03-05 22:53:47 (3 months ago)	Reconnaissance - Environment File Discovery	Web App Attack
🇨🇳 ThreatBook.io	2025-11-30 23:29:26 (6 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/104.239.53.211 2025-11 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/104.239.53.211 2025-11-30 04:00:59 /.env 2025-11-30 04:00:59 /,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["/"],"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"]},"host":"44.243.95.195","method":"POST","proto":"HTTP/1.1","remote_addr":"104.239.53.211:49153","status_code":200,"url":"/","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"} show less	Web App Attack
🇺🇸 ne1for23	2025-10-04 01:39:30 (8 months ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 104.239.53.211 - - [04/Oct/2025:01:39:30 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-" show less	Hacking
🇺🇸 dpinse	2025-09-30 12:11:05 (8 months ago)	teler detected Directory Bruteforce against resource /.env from 104.239.53.211	Bad Web Bot
🇮🇪 AutosOnShow	2025-08-27 08:17:04 (9 months ago)	blocked for webapp attack \| path requested: /.env \| seen at 2025-08-27 08:16:04.534 \|	Web App Attack
🇺🇸 dpinse	2025-08-21 13:38:53 (10 months ago)	teler detected CVE-2017-16894 against resource /.env from 104.239.53.211	Web App Attack
🇨🇴 j458rjqwi348fhjq46	2025-08-13 18:11:43 (10 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.e ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.env), Timestamp deviates by 1.2 hours, Suspicious short random path (+1 more). Activity: 129 requests to 2 URLs. Period: 2025-08-13 12:54:51 - 2025-08-13 12:54:51 (America/Bogota). Origin: NO. Source: Automated WAF log analysis. show less	Hacking Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 193.24.211.107

🇺🇸 162.216.150.44

🇺🇸 104.174.61.109

🇵🇱 83.168.69.141

🇨🇳 58.37.93.230

🇺🇸 20.171.8.87

🇨🇳 14.103.123.67

🇺🇦 185.104.44.158

🇷🇴 141.98.83.48

🇨🇳 117.81.212.152

🇨🇳 116.179.33.212

🇵🇱 95.214.53.157

🇫🇷 85.217.140.49

🇺🇸 76.79.213.69

🇺🇸 64.62.156.198

🇺🇸 44.220.185.11

🇭🇰 43.128.61.114

🇸🇪 31.208.220.217

🇨🇳 1.85.217.49

🇺🇸 173.19.19.38