JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.225.32

104.28.225.32 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 66%: ?

66%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.225.32

Whois 104.28.225.32

IP Abuse Reports for 104.28.225.32:

This IP address has been reported a total of 35 times from 11 distinct sources. 104.28.225.32 was first reported on June 2nd 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 17:01:11 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 13:00:10.917901 2026] [security2:error] [pid 20223:tid 20223] [client 104.28.225.32:15669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dannyvanryswyk.com"] [uri "/.git/HEAD"] [unique_id "aiGvGuC4NyNcQjAGqm7FHQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 walnuts	2026-06-04 16:50:52 (4 hours ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:40:24 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:40:17.678315 2026] [security2:error] [pid 18554:tid 18554] [client 104.28.225.32:53756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daisydoesoap.com"] [uri "/.git/config"] [unique_id "aiGOUXtctGQEhkX4WWIfvgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:09:51 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:09:47.030028 2026] [security2:error] [pid 3557:tid 3557] [client 104.28.225.32:40184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myersbarnescpa.com"] [uri "/.git/HEAD"] [unique_id "aiFrCzhc50nODlo7mH6ixwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 11:45:48 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 07:45:45.148560 2026] [security2:error] [pid 27695:tid 27695] [client 104.28.225.32:52615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mydarklady.com"] [uri "/.git/config"] [unique_id "aiFladbd_11Mfr0XowUtMgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 10:34:19 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 06:34:14.019198 2026] [security2:error] [pid 27925:tid 27925] [client 104.28.225.32:58914] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "curryfirm.com"] [uri "/.git/HEAD"] [unique_id "aiFUppKle5nO-OPdaA_ZuQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 09:44:54 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:44:47.797058 2026] [security2:error] [pid 24393:tid 24393] [client 104.28.225.32:24453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cultiplant.com"] [uri "/.git/HEAD"] [unique_id "aiFJD2BDuzgpMlnZ2GJewAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-06-04 09:38:18 (11 hours ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.28.225.32 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.28.225.32 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 mnsf	2026-06-04 09:06:47 (12 hours ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 07:09:52 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:09:45.457422 2026] [security2:error] [pid 18821:tid 18821] [client 104.28.225.32:57018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crr-construction.com"] [uri "/.git/config"] [unique_id "aiEkuYNoEfQg4dsJnttm-gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-06-04 06:51:29 (14 hours ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇺🇸 TPI-Abuse	2026-06-04 06:15:19 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:15:12.289987 2026] [security2:error] [pid 32111:tid 32111] [client 104.28.225.32:35700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crittergetterpestcontrol.com"] [uri "/.git/config"] [unique_id "aiEX8ATDKQvvUptfb1fR1QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 05:39:15 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:39:11.757716 2026] [security2:error] [pid 22145:tid 22145] [client 104.28.225.32:14859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crestrong.com"] [uri "/.git/config"] [unique_id "aiEPf-uGDnnYrq1UBDAOFwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 05:11:45 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.225.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:11:38.136280 2026] [security2:error] [pid 5158:tid 5174] [client 104.28.225.32:17666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-card-cap.com"] [uri "/.git/HEAD"] [unique_id "aiEJCiIMqT8UvozMNf-UVwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 22:05:06 (23 hours ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 195.248.243.247

🇨🇳 101.249.62.32

🇨🇳 101.126.22.12

🇸🇬 101.47.156.21

🇳🇱 81.19.216.118

🇳🇱 77.83.39.240

🇺🇸 65.51.140.190

🇳🇱 45.153.34.195

🇬🇧 35.203.210.121

🇬🇧 193.163.125.69

🇳🇱 185.223.235.18

🇩🇪 69.5.169.15

🇺🇸 3.89.176.255

🇷🇴 2.57.121.112

🇧🇷 205.210.31.239

🇧🇷 177.44.187.126

🇷🇺 176.108.209.235

🇩🇪 130.12.181.102

🇩🇪 130.12.181.101

🇳🇱 77.90.63.252