JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.217.140

104.28.217.140 was found in our database!

This IP was reported 114 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇳🇱 Netherlands
City	Utrecht, Utrecht

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.217.140

Whois 104.28.217.140

IP Abuse Reports for 104.28.217.140:

This IP address has been reported a total of 114 times from 86 distinct sources. 104.28.217.140 was first reported on October 21st 2023, and the most recent report was 54 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-27 20:30:04 (54 minutes ago)	Restricted File Access Attempt. Matched phrase "secrets.json" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-27 18:15:55 (3 hours ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 masterguru	2026-06-27 18:14:16 (3 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇩🇪 Hary74656	2026-06-27 16:25:21 (4 hours ago)	[Sat Jun 27 18:25:07.649523 2026] [security2:error] [pid 79157:tid 79219] [remote 104.28.217.140:276 ... show more [Sat Jun 27 18:25:07.649523 2026] [security2:error] [pid 79157:tid 79219] [remote 104.28.217.140:27677] [client 104.28.217.140] ModSecurity: Access denied with code 403 (phase 2). Pattern match "Search Engine" at TX:httpbl_msg. [file "/usr/share/modsecurity-crs/rules/REQUEST-910-IP-REPUTATION.conf"] [line "199"] [id "910150"] [msg "HTTP Blacklist match for search engine IP"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-ip"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [hostname "aschi.at"] [uri "/"] [unique_id "aj_5YzboMXIQifQ2lkEf_QABrhg"] [Sat Jun 27 18:25:08.140127 2026] [security2:error] [pid 79157:tid 79182] [remote 104.28.217.140:27677] [client 104.28.217.140] ModSecurity: Access denied with code 403 (phase 2). Pattern match "Search Engine" at TX:httpbl_msg. [file "/usr/share/modsecurity-crs/rules/REQUEST-910-IP-REPUTATION.conf"] [line "199"] [id "910150"] [msg "HTTP Blacklist match for ... show less	Web App Attack
🇫🇷 masterguru	2026-06-27 16:14:13 (5 hours ago)	Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-06-27 16:05:51 (5 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇪🇸 alferez	2026-06-27 15:26:21 (5 hours ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇳🇱 e.fierstra	2026-06-27 15:00:30 (6 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 Dominik Lysiak	2026-06-27 13:51:49 (7 hours ago)	104.28.217.140 - - [27/Jun/2026:15:51:49 +0200] "GET /.aws/credentials HTTP/2.0" 404 146 "-" "Mozill ... show more 104.28.217.140 - - [27/Jun/2026:15:51:49 +0200] "GET /.aws/credentials HTTP/2.0" 404 146 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 104.28.217.140 - - [27/Jun/2026:15:51:49 +0200] "GET /.git/config HTTP/2.0" 404 146 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 104.28.217.140 - - [27/Jun/2026:15:51:49 +0200] "GET /.env.example HTTP/2.0" 404 146 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" ... show less	Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-27 13:20:21 (8 hours ago)	[Sat Jun 27 07:20:21.520528 2026] [authz_core:error] [pid 82920:tid 140607808132672] [client 104.28. ... show more [Sat Jun 27 07:20:21.520528 2026] [authz_core:error] [pid 82920:tid 140607808132672] [client 104.28.217.140:39361] AH01630: client denied by server configuration: /var/www/public_html/journal/.git [Sat Jun 27 07:20:21.525356 2026] [authz_core:error] [pid 82920:tid 140607808132672] [client 104.28.217.140:39361] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html [Sat Jun 27 07:20:21.527985 2026] [authz_core:error] [pid 82920:tid 140607816525376] [client 104.28.217.140:39361] AH01630: client denied by server configuration: /var/www/public_html/journal/secrets.yml ... show less	Bad Web Bot
🇪🇸 loadsoporte	2026-06-27 11:31:49 (9 hours ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇫🇮 Christopher Hughes	2026-06-27 11:08:22 (10 hours ago)	104.28.217.140 - - [27/Jun/2026:12:08:22 +0100] "GET /.env.development HTTP/2.0" 404 224 "-" "Mozill ... show more 104.28.217.140 - - [27/Jun/2026:12:08:22 +0100] "GET /.env.development HTTP/2.0" 404 224 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇩🇪 grassau.com	2026-06-27 10:48:20 (10 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 104.28.217.140 (NL/The Netherlands/Utre ... show more (mod_security) mod_security triggered on hostname [redacted] 104.28.217.140 (NL/The Netherlands/Utrecht/Utrecht/-) show less	SQL Injection
🇩🇪 Hazzard	2026-06-27 09:11:49 (12 hours ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇩🇪 MBombeck	2026-06-27 08:56:27 (12 hours ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack

Showing 1 to 15 of 114 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.91.52.127

🇫🇮 147.185.133.215

🇨🇳 222.174.184.86

🇺🇸 206.191.154.44

🇧🇷 205.164.235.239

🇧🇷 205.164.233.76

🇺🇸 192.227.155.98

🇧🇷 177.37.19.0

🇨🇭 172.161.73.175

🇧🇷 167.249.168.44

🇲🇴 125.31.4.70

🇬🇧 123.58.207.81

🇨🇳 116.207.115.159

🇮🇹 93.92.76.194

🇫🇷 85.217.140.49

🇭🇰 43.154.78.114

🇬🇭 41.211.16.124

🇨🇳 218.72.71.234

🇨🇱 186.79.9.17

🇧🇷 177.91.52.122