JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.214.116

104.28.214.116 was found in our database!

This IP was reported 856 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	St. Louis, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.214.116

Whois 104.28.214.116

IP Abuse Reports for 104.28.214.116:

This IP address has been reported a total of 856 times from 279 distinct sources. 104.28.214.116 was first reported on January 19th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-23 16:37:21 (1 day ago)	104.28.214.116 - - [23/Jun/2026:18:37:14 +0200] "GET /ms-themes.php HTTP/1.1" 404 35029 "-" "Go-http ... show more 104.28.214.116 - - [23/Jun/2026:18:37:14 +0200] "GET /ms-themes.php HTTP/1.1" 404 35029 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:15 +0200] "GET /ms-themes.php HTTP/1.1" 404 8234 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:15 +0200] "GET /chosen.php HTTP/1.1" 404 35029 "http://wasarec.org/chosen.php?p=" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:16 +0200] "GET /chosen.php HTTP/1.1" 404 8234 "http://wasarec.org/chosen.php?p=" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:16 +0200] "GET /file.php HTTP/1.1" 404 35029 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:16 +0200] "GET /file.php HTTP/1.1" 404 8234 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:17 +0200] "GET /flower.php HTTP/1.1" 404 35029 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:17 +0200] "GET /flower.php HTTP/1.1" 404 8234 "-" "Go-http-client/1.1" 104.28.214.116 - - [23/Jun/2026:18:37:17 +0200] "GET /gifcla ... show less	Bad Web Bot Web App Attack
🇩🇪 on-com	2026-06-23 15:10:51 (1 day ago)	URL scan	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-23 14:05:13 (1 day ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-23 13:38:53 (1 day ago)	Banned by Fail2Ban on server	Web App Attack
🇨🇦 electronico	2026-06-23 13:21:16 (1 day ago)	104.28.214.116 - - [24/Jun/2026:00:21:13 +1100] "GET /ms-themes.php HTTP/1.1" 404 5875 "http://host/ ... show more 104.28.214.116 - - [24/Jun/2026:00:21:13 +1100] "GET /ms-themes.php HTTP/1.1" 404 5875 "http://host/ms-themes.php" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /chosen.php?p= HTTP/1.1" 404 2049 "http://host/chosen.php?p=" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /file.php HTTP/1.1" 404 2049 "http://host/file.php" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /flower.php HTTP/1.1" 404 2049 "http://host/flower.php" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /gifclass.php HTTP/1.1" 404 2049 "http://host/gifclass.php#888xyz999" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /bless.php HTTP/1.1" 404 2049 "http://host/bless.php#888xyz999" "Go-http-client/1.1" 104.28.214.116 - - [24/Jun/2026:00:21:14 +1100] "GET /class-t.api.php HTTP/1.1" 404 2049 "http://ele ... show less	Brute-Force Web App Attack
🇩🇪 pscriptos	2026-06-23 12:51:47 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇨🇦 zXero	2026-06-18 21:05:55 (5 days ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇳🇱 Site.eu	2026-06-17 02:00:08 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇧🇪 boxed-it	2026-06-15 10:34:57 (1 week ago)	GET /wp-admin/admin-ajax.php (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇷🇴 StarTech Team	2026-06-14 14:44:56 (1 week ago)	Web App Atack	Web App Attack
🇫🇮 Christopher Hughes	2026-06-14 13:40:48 (1 week ago)	[Sun Jun 14 14:40:45.987467 2026] [proxy_fcgi:error] [pid 740190:tid 139821762725440] [client 104.28 ... show more [Sun Jun 14 14:40:45.987467 2026] [proxy_fcgi:error] [pid 740190:tid 139821762725440] [client 104.28.214.116:39235] AH01071: Got error 'Primary script unknown' [Sun Jun 14 14:40:46.367111 2026] [proxy_fcgi:error] [pid 740190:tid 139822391883328] [client 104.28.214.116:39235] AH01071: Got error 'Primary script unknown' [Sun Jun 14 14:40:46.745960 2026] [proxy_fcgi:error] [pid 740190:tid 139821175531072] [client 104.28.214.116:39235] AH01071: Got error 'Primary script unknown' [Sun Jun 14 14:40:46.935912 2026] [proxy_fcgi:error] [pid 740190:tid 139821754332736] [client 104.28.214.116:39235] AH01071: Got error 'Primary script unknown' [Sun Jun 14 14:40:47.693055 2026] [proxy_fcgi:error] [pid 740190:tid 139822767470144] [client 104.28.214.116:39235] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇳🇱 taivas.nl	2026-06-14 10:00:04 (1 week ago)	General_bad_requests	Bad Web Bot
🇫🇮 TrafficAnalyser	2026-06-14 09:40:43 (1 week ago)	Probing "GET /ms-themes.php HTTP/1.1"	Web App Attack
🇺🇸 gamabe	2026-06-14 05:07:06 (1 week ago)	Detected crowdsecurity/http-wordpress-scan attack pattern. Reported by CrowdSec IDS.	Web App Attack
🇭🇺 DumaNet	2026-06-14 03:41:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 14. 04:37:18 Source IP: 104.28 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 14. 04:37:18 Source IP: 104.28.214.116 Portion of the log(s): 104.28.214.116 - [14/Jun/2026:04:37:16 +0200] "GET /wp-admin/admin-ajax.php HTTP/1.1" 400 11 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:16 +0200] "GET /dex.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /cord.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /shelp.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /abcd.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /akcc.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /blurbs.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 104.28.214.116 - [14/Jun/2026:04:37:15 +0200] "GET /class-t.api.php HTTP/1.1" 404 153 "-" "Go-http-client/1.1" show less	Web App Attack Hacking

Showing 1 to 15 of 856 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.244.39.224

🇨🇦 85.217.149.63

🇧🇪 198.235.24.221

🇹🇼 198.235.24.113

🇳🇱 93.123.72.183

🇺🇸 91.230.168.14

🇺🇸 66.132.172.186

🇺🇸 64.188.155.136

🇯🇵 8.216.3.51

🇲🇽 187.237.47.214

🇹🇭 165.154.51.27

🇮🇳 122.187.234.73

🇺🇸 103.143.11.150

🇮🇹 2.57.170.61

🇰🇷 1.227.228.131

🇳🇱 192.253.248.66

🇲🇴 182.93.7.194

🇻🇳 165.154.137.186

🇺🇸 165.22.41.116

🇵🇰 160.187.180.173