JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.219.190

104.28.219.190 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.219.190

Whois 104.28.219.190

IP Abuse Reports for 104.28.219.190:

This IP address has been reported a total of 71 times from 43 distinct sources. 104.28.219.190 was first reported on August 15th 2025, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-28 21:59:59 (4 minutes ago)	Auto-ban: >3000 req/min op 2026-06-28	Web App Attack SSH Hacking
🇫🇷 masterguru	2026-06-28 21:24:20 (40 minutes ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.28.219.190 (HN/Honduras/-): 2 in ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.28.219.190 (HN/Honduras/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇩🇪 Hugopvigo	2026-06-28 20:33:08 (1 hour ago)	"2026-06-28 20:33:08+00:00 104.28.219.190 IP con score alto (100) detectada en el log."	Brute-Force SSH
🇩🇪 updown.io	2026-06-28 20:11:25 (1 hour ago)	{"level":"info","ts":1782677483.0122511,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1782677483.0122511,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.28.219.190","remote_port":"53383","client_ip":"104.28.219.190","proto":"HTTP/2.0","method":"GET","host":"demo.updown.io","uri":"/env.json","headers":{"User-Agent":["Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"demo.updown.io","ech":false}},"bytes_read":0,"user_id":"","duration":0.000856936,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1782677483.086104,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.28.219.190","remote_port":"53384","client_ip":"104.28.219.190","proto":"HTTP/2.0","method":"GET","host":"meta.updown.io","uri":"/application.properties ... show less	DDoS Attack Web App Attack
🇩🇪 Hugopvigo	2026-06-28 20:01:45 (2 hours ago)	104.28.219.190 - - [28/Jun/2026:22:01:45 +0200] "GET /.env.production.bak HTTP/1.1" 403 7917 "-" "Mo ... show more 104.28.219.190 - - [28/Jun/2026:22:01:45 +0200] "GET /.env.production.bak HTTP/1.1" 403 7917 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Hacking Brute-Force Web App Attack SSH
🇫🇷 masterguru	2026-06-28 18:07:13 (3 hours ago)	Restricted File Access Attempt. Matched phrase ".npmrc" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇧🇪 Saec	2026-06-28 17:15:01 (4 hours ago)	Jarvis auto-ban: CF top attacker on saec.me (40 hits, US)	Port Scan Web App Attack
🇳🇱 Savvii	2026-06-28 15:10:34 (6 hours ago)	23 attempts against mh-misbehave-ban on twig	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-28 09:45:07 (12 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 paissangroup	2026-06-28 09:29:49 (12 hours ago)	Multiple WAF Violations	Web App Attack
🇮🇩 Burayot	2026-06-28 05:59:06 (16 hours ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.28.219.190 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.28.219.190 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇫🇷 Catalin Negru	2026-06-28 05:38:04 (16 hours ago)	2026-06-28 08:37:58,454 fail2ban.actions [2945670]: NOTICE [apache-scan] Ban 104.28.219.190 ... show more 2026-06-28 08:37:58,454 fail2ban.actions [2945670]: NOTICE [apache-scan] Ban 104.28.219.190 2026-06-28 08:37:58,683 fail2ban.actions [2945670]: NOTICE [apache-404] Ban 104.28.219.190 2026-06-28 08:38:02,786 fail2ban.actions [2945670]: NOTICE [web-scanner] Ban 104.28.219.190 2026-06-28 08:38:02,921 fail2ban.actions [2945670]: NOTICE [apache-security] Ban 104.28.219.190 2026-06-28 08:38:03,143 fail2ban.actions [2945670]: NOTICE [laravel-env] Ban 104.28.219.190 ... show less	Brute-Force Web App Attack
🇺🇸 gamabe	2026-06-27 19:25:48 (1 day ago)	Detected crowdsecurity/http-sensitive-files attack pattern. Reported by CrowdSec IDS.	Hacking
🇳🇱 Roderic	2026-06-27 14:23:10 (1 day ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇺🇸 Matthew Ping	2026-06-27 12:45:01 (1 day ago)	ModSecurity rule 949110 triggered on d865. Web application attack blocked by CSF/LFD.	Web App Attack Hacking

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇻 81.30.98.44

🇺🇸 54.184.96.248

🇮🇪 54.75.1.84

🇲🇾 47.250.125.42

🇩🇪 46.101.248.64

🇺🇸 20.169.74.230

🇸🇪 20.91.210.35

🇧🇷 205.210.31.166

🇺🇸 205.210.31.19

🇵🇰 202.47.42.54

🇬🇧 195.96.139.55

🇬🇧 185.247.137.176

🇮🇶 185.24.61.224

🇫🇷 172.71.122.189

🇨🇦 142.44.228.34

🇺🇸 103.215.74.185

🇳🇵 103.162.3.61

🇩🇪 92.246.91.211

🇩🇪 92.246.91.93

🇱🇻 81.30.98.62