JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.156.239.228

104.156.239.228 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 76%: ?

76%

ISP	Vultr Holdings, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	104.156.239.228.vultrusercontent.com
Domain Name	vultr.com
Country	🇯🇵 Japan
City	Oi, Saitama

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.156.239.228

Whois 104.156.239.228

IP Abuse Reports for 104.156.239.228:

This IP address has been reported a total of 15 times from 13 distinct sources. 104.156.239.228 was first reported on June 14th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-16 04:21:55 (20 hours ago)	Wordpress malicious attack:[octascan]	Web App Attack
🇩🇪 expandmade.com	2026-06-15 18:19:04 (1 day ago)	trolling for resource vulnerabilities [15/Jun/2026:18:19:04 "GET /wp-content/plugins/fix/up.php"]	Web App Attack
🇫🇷 _tom	2026-06-15 16:52:26 (1 day ago)	Automated report (2026-06-15T18:52:26+02:00). Caught probing for webshells/backdoors. Host might be ... show more Automated report (2026-06-15T18:52:26+02:00). Caught probing for webshells/backdoors. Host might be compromised. show less	Hacking Exploited Host Web App Attack Open Proxy
🇺🇸 etu brutus	2026-06-15 16:35:12 (1 day ago)	104.156.239.228 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇫🇷 _tom	2026-06-15 16:19:52 (1 day ago)	Automated report (2026-06-15T18:19:52+02:00). Caught probing for webshells/backdoors. Host might be ... show more Automated report (2026-06-15T18:19:52+02:00). Caught probing for webshells/backdoors. Host might be compromised. show less	Hacking Exploited Host Web App Attack Open Proxy
🇩🇪 Lino Project	2026-06-15 13:25:22 (1 day ago)	104.156.239.228 - - [15/Jun/2026:15:25:19 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 5 ... show more 104.156.239.228 - - [15/Jun/2026:15:25:19 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 54369 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-15 07:00:15 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇸🇬 securejdprop	2026-06-15 03:18:38 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇺🇸 mnsf	2026-06-15 00:17:35 (2 days ago)	Too many Status 40X (31)	Brute-Force Web App Attack
🇩🇪 Lino Project	2026-06-14 22:11:29 (2 days ago)	104.156.239.228 - - [15/Jun/2026:00:11:28 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 5 ... show more 104.156.239.228 - - [15/Jun/2026:00:11:28 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 54369 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 22:10:44 (2 days ago)	104.156.239.228 - - [14/Jun/2026:19:10:41 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 ... show more 104.156.239.228 - - [14/Jun/2026:19:10:41 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" 104.156.239.228 - - [14/Jun/2026:19:10:42 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" 104.156.239.228 - - [14/Jun/2026:19:10:43 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 404 826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" ... show less	Port Scan
🇷🇺 Deynekin.com	2026-06-14 21:42:03 (2 days ago)	This IP address has been identified as part of a botnet infrastructure used by threat actors, indica ... show more This IP address has been identified as part of a botnet infrastructure used by threat actors, indicating automated and malicious activity. show less	Fraud Orders Web App Attack SSH Web Spam FTP Brute-Force Phishing Email Spam Port Scan Brute-Force Exploited Host Hacking SQL Injection
🇫🇷 pm33	2026-06-14 21:37:32 (2 days ago)	Excessive crawling HTTP 404	Web App Attack
🇭🇰 Mehmet_The_Script_Kiddie	2026-06-14 20:31:19 (2 days ago)	AUTOMATED REPORT: Vulnerability scan: //wp-content/plugins/fix/up.php	Bad Web Bot Web App Attack
Anonymous	2026-06-14 20:27:56 (2 days ago)	Multiple, malicious web requests detected	Port Scan Hacking

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.131.189.32

🇬🇧 178.62.56.215

🇻🇳 171.244.37.97

🇺🇸 165.154.172.224

🇨🇴 161.10.68.132

🇭🇰 154.221.20.215

🇨🇳 122.51.3.16

🇨🇦 104.255.152.19

🇿🇲 104.23.192.134

🇻🇳 103.241.43.193

🇫🇷 13.39.158.196

🇺🇸 209.141.60.58

🇲🇴 182.93.50.90

🇨🇳 171.111.196.251

🇰🇷 168.110.102.254

🇺🇸 162.216.150.66

🇨🇳 123.178.210.163

🇮🇳 106.215.172.125

🇻🇳 103.166.184.148

🇺🇸 74.208.140.41