JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.23.239.81

104.23.239.81 was found in our database!

This IP was reported 223 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 104.23.239.81 is an IP address from within our whitelist belonging to the subnet 104.16.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 104.23.239.81

Whois 104.23.239.81

IP Abuse Reports for 104.23.239.81:

This IP address has been reported a total of 223 times from 74 distinct sources. 104.23.239.81 was first reported on July 9th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 updown.io	2026-02-24 06:14:55 (3 months ago)	{"level":"info","ts":1771911565.7436628,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1771911565.7436628,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.23.239.81","remote_port":"11522","client_ip":"104.23.239.81","proto":"HTTP/1.1","method":"GET","host":"status.jenskegelmann.de","uri":"/wp-content/plugins/hellopress/wp_filemanager.php","headers":{"Cf-Ray":["9d2c9f559b7fec9a-FRA"],"Cdn-Loop":["cloudflare; loops=1"],"X-Forwarded-Proto":["https"],"Connection":["Keep-Alive"],"Accept-Encoding":["gzip, br"],"Cf-Connecting-Ip":["68.221.129.30"],"Cf-Ipcountry":["ES"],"Cf-Visitor":["{\"scheme\":\"https\"}"],"X-Forwarded-For":["68.221.129.30"]}},"bytes_read":0,"user_id":"","duration":0.000044194,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.jenskegelmann.de/wp-content/plugins/hellopress/wp_filemanager.php"],"Content-Type":[]}} {"level":"info","ts":1771911566.186881,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.23.239.81","re ... show less	DDoS Attack Web App Attack
🇩🇪 updown.io	2026-02-23 01:09:36 (3 months ago)	{"level":"info","ts":1771806569.2268713,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1771806569.2268713,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.23.239.81","remote_port":"13540","client_ip":"104.23.239.81","proto":"HTTP/1.1","method":"GET","host":"status.apostasseguras.com","uri":"/t.php","headers":{"X-Forwarded-Proto":["http"],"Accept-Encoding":["gzip"],"Cf-Ray":["9d229bf19ba6d113-FRA"],"Cdn-Loop":["cloudflare; loops=1"],"Cf-Visitor":["{\"scheme\":\"http\"}"],"Cf-Ipcountry":["FR"],"Connection":["Keep-Alive"],"Cf-Connecting-Ip":["20.199.109.98"],"X-Forwarded-For":["20.199.109.98"]}},"bytes_read":0,"user_id":"","duration":0.000054223,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.apostasseguras.com/t.php"],"Content-Type":[]}} {"level":"info","ts":1771808901.8496964,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.23.239.81","remote_port":"13870","client_ip":"104.23.239.81","proto":"HTTP/1.1","method":"GET","host" ... show less	DDoS Attack Web App Attack
🇬🇧 pinguin	2026-02-21 01:53:48 (3 months ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 openstrike.co.uk	2026-02-13 06:15:39 (3 months ago)	1 attack on TP-Link CVE-2023-1389 URLs: POST /cgi-bin/luci/;stok=/locale?form=country HTTP/1.1	IoT Targeted
🇳🇱 ReporTR	2026-02-06 05:15:23 (3 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇫🇷 Little Iguana	2026-01-31 13:04:30 (4 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇩🇪 Vegascosmetics	2026-01-29 22:50:42 (4 months ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
Anonymous	2026-01-23 09:45:41 (4 months ago)	[Fri Jan 23 10:45:30.356546 2026] [authz_core:error] [pid 19982] [client 104.23.239.81:13179] AH0163 ... show more [Fri Jan 23 10:45:30.356546 2026] [authz_core:error] [pid 19982] [client 104.23.239.81:13179] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Jan 23 10:45:30.410948 2026] [authz_core:error] [pid 19982] [client 104.23.239.81:13179] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Jan 23 10:45:41.152514 2026] [authz_core:error] [pid 20189] [client 104.23.239.81:11258] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
Anonymous	2026-01-22 02:32:40 (4 months ago)	[Thu Jan 22 03:24:11.238633 2026] [authz_core:error] [pid 22896] [client 104.23.239.81:10510] AH0163 ... show more [Thu Jan 22 03:24:11.238633 2026] [authz_core:error] [pid 22896] [client 104.23.239.81:10510] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jan 22 03:25:07.832875 2026] [authz_core:error] [pid 7175] [client 104.23.239.81:9715] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jan 22 03:32:39.949947 2026] [authz_core:error] [pid 7510] [client 104.23.239.81:10939] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
Anonymous	2026-01-22 00:58:09 (4 months ago)	[Thu Jan 22 01:57:53.192652 2026] [authz_core:error] [pid 17116] [client 104.23.239.81:14063] AH0163 ... show more [Thu Jan 22 01:57:53.192652 2026] [authz_core:error] [pid 17116] [client 104.23.239.81:14063] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jan 22 01:57:53.451239 2026] [authz_core:error] [pid 17116] [client 104.23.239.81:14063] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jan 22 01:57:53.563470 2026] [authz_core:error] [pid 17116] [client 104.23.239.81:14063] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇫🇷 Little Iguana	2026-01-14 09:17:33 (4 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
Anonymous	2026-01-11 08:45:51 (4 months ago)	[Sun Jan 11 09:45:49.667038 2026] [authz_core:error] [pid 6767] [client 104.23.239.81:11459] AH01630 ... show more [Sun Jan 11 09:45:49.667038 2026] [authz_core:error] [pid 6767] [client 104.23.239.81:11459] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.google.fr/ [Sun Jan 11 09:45:50.087420 2026] [authz_core:error] [pid 6767] [client 104.23.239.81:11459] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.google.de/ [Sun Jan 11 09:45:50.508132 2026] [authz_core:error] [pid 6767] [client 104.23.239.81:11459] AH01630: client denied by server configuration: /etc/httpd/htdocs, referer: https://www.bing.com/ ... show less	Web App Attack
🇵🇱 IROK	2026-01-09 05:47:46 (4 months ago)	Malware/WebShell Scan blocked by ModSecurity ...	Hacking
🇬🇧 pinguin	2026-01-05 23:39:48 (4 months ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-25 22:00:12 (5 months ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack

Showing 181 to 195 of 223 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.59.201.12

🇧🇴 190.181.44.194

🇮🇳 168.144.82.178

🇩🇪 167.94.146.38

🇺🇸 132.255.135.178

🇨🇳 116.179.37.90

🇨🇳 223.112.5.139

🇬🇧 185.195.13.17

🇧🇷 177.55.75.243

🇺🇸 132.255.133.190

🇰🇷 119.195.102.159

🇨🇳 116.179.37.150

🇹🇼 114.32.151.97

🇮🇳 106.0.40.57

🇦🇪 91.72.184.50

🇺🇸 75.187.189.97

🇳🇱 45.148.10.152

🇹🇼 211.72.113.187

🇺🇾 190.64.90.158

🇪🇨 181.39.158.25