JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.202.178

104.28.202.178 was found in our database!

This IP was reported 1,405 times. Confidence of Abuse is 77%: ?

77%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.202.178

Whois 104.28.202.178

IP Abuse Reports for 104.28.202.178:

This IP address has been reported a total of 1,405 times from 475 distinct sources. 104.28.202.178 was first reported on August 4th 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 BellFix	2026-05-22 14:09:27 (2 weeks ago)	Fail2ban reported 104.28.202.178 for npm-docker	Web App Attack
🇷🇺 BellFix	2026-05-19 15:53:56 (2 weeks ago)	Fail2ban reported 104.28.202.178 for npm-docker	Web App Attack
🇷🇺 BellFix	2026-05-12 01:11:30 (3 weeks ago)	Fail2ban reported 104.28.202.178 for npm-docker	Web App Attack
Anonymous	2026-05-06 03:21:39 (1 month ago)	"GET /.aws/config HTTP/1.1"	Hacking Web App Attack
🇺🇸 kosada.com	2026-05-05 14:23:14 (1 month ago)	Web vulnerability probing: /web/.env	Web App Attack
🇩🇪 paissangroup	2026-05-05 11:25:50 (1 month ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-05-05 08:43:18 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 4server	2026-05-05 07:18:12 (1 month ago)	[TueMay0509:18:08.8388352026][security2:error][pid1378443:tid1378578][client104.28.202.178:0]ModSecu ... show more [TueMay0509:18:08.8388352026][security2:error][pid1378443:tid1378578][client104.28.202.178:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.artisteer-italia.org\"][uri\"/.env.development\"][unique_id\"afmZsPMyIomyc8d-AE0QbQAAARQ\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-05-04 15:12:02 (1 month ago)	Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) ( ... show more Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-04T15:12:02Z) show less	Brute-Force Web Spam Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-05-04 04:20:59 (1 month ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-05-04 04:20:59 (1 month ago)	Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) ( ... show more Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-04T04:20:59Z) show less	Brute-Force Web Spam Web App Attack
Anonymous	2026-05-03 22:49:11 (1 month ago)	104.28.202.178 - - [04/May/2026:07:49:09 +0900] "GET /app/.env HTTP/1.1" 403 3833 "-" "Mozilla/5.0 ( ... show more 104.28.202.178 - - [04/May/2026:07:49:09 +0900] "GET /app/.env HTTP/1.1" 403 3833 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" 104.28.202.178 - - [04/May/2026:07:49:09 +0900] "GET /api/.env HTTP/1.1" 403 3833 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" 104.28.202.178 - - [04/May/2026:07:49:11 +0900] "GET /.env HTTP/1.1" 403 3833 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" 104.28.202.178 - - [04/May/2026:07:49:11 +0900] "GET /aws_credentials.json HTTP/1.1" 403 3833 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" 104.28.202.178 - - [04/May/2026:07:49:11 +0900] "GET /.env.local HTTP/1.1" 403 3833 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" ... show less	Brute-Force
🇬🇧 consul.to	2026-05-03 21:27:15 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-05-02 18:57:35 (1 month ago)	Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) ( ... show more Threat Blocked by BeeHive from (ASN:13335) (Network:Cloudflare, Inc.) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-02T18:57:35Z) show less	Brute-Force Web Spam Web App Attack
🇬🇧 consul.to	2026-05-02 16:26:57 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 1405 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.12

🇿🇼 197.221.232.44

🇵🇦 190.34.108.225

🇳🇱 185.242.226.17

🇺🇸 185.226.196.22

🇫🇷 163.5.241.45

🇩🇪 161.35.65.86

🇭🇰 107.150.119.136

🇵🇬 103.234.50.49

🇸🇪 82.183.15.80

🇮🇶 65.20.204.88

🇯🇵 18.179.183.64

🇪🇬 195.246.57.4

🇺🇸 104.159.220.50

🇻🇳 42.112.218.83

🇺🇬 196.0.242.54

🇻🇳 116.110.3.83

🇮🇩 112.215.170.84

🇭🇰 103.226.154.72

🇮🇹 78.134.96.238