This IP address has been reported a total of
23
times from
22 distinct
sources.
104.28.205.85 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
(mod_security) mod_security triggered on hostname [redacted] 104.28.205.85 (US/United States/Florida ...
show more(mod_security) mod_security triggered on hostname [redacted] 104.28.205.85 (US/United States/Florida/Miami/-)
show less
Malicious activity in general-malicious. Evidence: (apache_probe) Failed Access (403/404) 104.28.205 ...
show moreMalicious activity in general-malicious. Evidence: (apache_probe) Failed Access (403/404) 104.28.205.85 (DE/Germany/-): 20 in the last 3600 secs | UA: (apache_probe) Failed Access (403/404) 104.28.205.85 (DE/Germany/-): 20 in the last 3600 secs
show less
Brute-Force
Web App Attack
Anonymous
(caddyscan) Scanner path probe from 104.28.205.85 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; ...
show more(caddyscan) Scanner path probe from 104.28.205.85 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 104.28.205.85 - - [07/Jul/2026:15:43:20 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 104.28.205.85 - - [07/Jul/2026:15:43:20 +0000] "GET /.env.old HTTP/1.1"
[REDACTED] 200 2627 104.28.205.85 - - [07/Jul/2026:15:43:20 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 104.28.205.85 - - [07/Jul/2026:15:43:20 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 104.28.205.85 - - [07/Jul/2026:15:43:20 +0000] "GET /.env.example HTTP/1.1"
show less