JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.161.70

104.28.161.70 was found in our database!

This IP was reported 106 times. Confidence of Abuse is 29%: ?

29%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Kent, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.161.70

Whois 104.28.161.70

IP Abuse Reports for 104.28.161.70:

This IP address has been reported a total of 106 times from 55 distinct sources. 104.28.161.70 was first reported on August 25th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-29 08:49:56 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197) show less	Bad Web Bot
🇩🇪 AetherFox	2026-04-29 01:05:56 (1 month ago)	AetherFox VoidGuard detected: [Wed Apr 29 01:05:52.820081 2026] [authz_core:error] [pid 1519889:tid ... show more AetherFox VoidGuard detected: [Wed Apr 29 01:05:52.820081 2026] [authz_core:error] [pid 1519889:tid 1519896] [client 104.28.161.70:29960] AH01630: client denied by server configuration: proxy:https://[MASKED]/file.php, referer: http://draconigen.com/file.php [Wed Apr 29 01:05:54.565908 2026] [authz_core:error] [pid 1519889:tid 1519895] [client 104.28.161.70:29960] AH01630: client denied by server configuration: proxy:https://[MASKED]/flower.php, referer: http://draconigen.com/flower.php [Wed Apr 29 01:05:55.091509 2026] [authz_core:error] [pid 1519889:tid 1519905] [client 104.28.161.70:29960] AH01630: client denied by server configuration: proxy:https://[MASKED]/gifclass.php, referer: http://draconigen.com/gifclass.php#888xyz999 [Wed Apr 29 01:05:55.460057 2026] [authz_core:error] [pid 1519889:tid 1519901] [client 104.28.161.70:29960] AH01630: client denied by server configuration: proxy:https://[MASKED]/bless.php, referer: http://draconigen.com/bless.ph ... show less	Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-04-28 21:25:45 (1 month ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇫🇷 Campus France	2026-04-28 13:09:51 (1 month ago)	[Tue Apr 28 15:09:49.074744 2026] [php:error] [pid 1978221] [client 104.28.161.70:30632] script '/va ... show more [Tue Apr 28 15:09:49.074744 2026] [php:error] [pid 1978221] [client 104.28.161.70:30632] script '/var/www/html/campus-perpignan/style.php' not found or unable to stat, referer: http://perpignan.radio-campus.fr/style.php [Tue Apr 28 15:09:49.398241 2026] [php:error] [pid 1978221] [client 104.28.161.70:30632] script '/var/www/html/campus-perpignan/wp-content/style.php' not found or unable to stat, referer: http://perpignan.radio-campus.fr/wp-content/style.php [Tue Apr 28 15:09:49.712397 2026] [php:error] [pid 1978221] [client 104.28.161.70:30632] script '/var/www/html/campus-perpignan/wp-content/themes/style.php' not found or unable to stat, referer: http://perpignan.radio-campus.fr/wp-content/themes/style.php [Tue Apr 28 15:09:50.016735 2026] [php:error] [pid 1978221] [client 104.28.161.70:30632] script '/var/www/html/campus-perpignan/wp-admin/style.php' not found or unable to stat, referer: http://perpignan.radio-campus.fr/wp-admin/style.php [Tue Apr 28 15:09:50.328554 2026] [php:error ... show less	Brute-Force Web App Attack
🇩🇪 todix	2026-04-27 21:52:33 (1 month ago)	WebAttack or semilar from 104.28.161.70	Web App Attack
🇵🇱 strefapi_com	2026-04-27 17:55:16 (1 month ago)	Brute-force on web app ...	Brute-Force Web App Attack
🇩🇪 filstal.org	2026-04-26 11:12:42 (1 month ago)	Security scan or malicious bot activity detected by Fail2Ban	Bad Web Bot Web App Attack
🇦🇹 Erpelstolz	2026-04-26 10:33:10 (1 month ago)	VM 131: 104.28.161.70 - - [26/Apr/2026:12:33:09 +0200] "GET /wp-admin/style.php HTTP/1.1" 301 708	Web App Attack
🇮🇹 Inartis	2026-04-26 10:11:39 (1 month ago)	104.28.161.70 - - [26/Apr/2026:12:11:39 +0200] "GET /style.php HTTP/1.1" 302 411 "-" "Go-http-client ... show more 104.28.161.70 - - [26/Apr/2026:12:11:39 +0200] "GET /style.php HTTP/1.1" 302 411 "-" "Go-http-client/1.1" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 Genhost	2026-04-25 13:35:07 (1 month ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇬🇧 consul.to	2026-04-18 09:57:08 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇸🇪 Lemmy	2026-04-04 08:02:04 (2 months ago)		Web App Attack
🇺🇦 URAN Publishing Service	2026-04-04 06:44:00 (2 months ago)	104.28.161.70 - - [04/Apr/2026:09:43:59 +0300] "GET /wp-content/style.php HTTP/1.1" 404 713 "-" "Go- ... show more 104.28.161.70 - - [04/Apr/2026:09:43:59 +0300] "GET /wp-content/style.php HTTP/1.1" 404 713 "-" "Go-http-client/1.1" 104.28.161.70 - - [04/Apr/2026:09:43:59 +0300] "GET /wp-content/themes/style.php HTTP/1.1" 404 713 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇮🇩 securejdprop	2026-04-04 04:01:34 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Go-http-cl ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Go-http-client User-Agent Observed Inbound). Ip 104.28.161.70 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-04 04:01:33.354279206 +0000 UTC show less	Hacking Web App Attack
🇬🇧 poundawebsiteltd	2026-04-03 04:56:23 (2 months ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:443 104.28.161.70 - - [03/Apr/2026:05:56:22 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:443 104.28.161.70 - - [03/Apr/2026:05:56:22 +0100] GET /communities/policing-reformation-community/pr-community-welcome/lufix1.php HTTP/2.0 403 41 http://[REDACTED_DOMAIN]/lufix1.php#lufix Go-http-client/2.0 show less	Web App Attack

Showing 1 to 15 of 106 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 81.19.216.118

🇨🇦 15.235.98.0

🇰🇷 211.228.217.178

🇮🇩 202.10.42.109

🇩🇪 157.230.21.37

🇬🇧 45.82.76.136

🇺🇸 45.41.173.155

🇸🇦 37.224.104.9

🇧🇪 34.78.29.97

🇭🇰 23.249.28.115

🇰🇷 4.230.28.141

🇬🇧 185.247.137.5

🇳🇱 158.173.21.161

🇺🇸 147.185.132.187

🇨🇳 117.187.112.204

🇬🇧 35.203.211.150

🇯🇵 8.216.32.76

🇺🇸 3.140.194.18

🇨🇳 106.13.183.241

🇨🇿 82.118.30.74