JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.228.55

104.28.228.55 was found in our database!

This IP was reported 237 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇫🇷 France
City	Strasbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.228.55

Whois 104.28.228.55

IP Abuse Reports for 104.28.228.55:

This IP address has been reported a total of 237 times from 126 distinct sources. 104.28.228.55 was first reported on March 12th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-05-06 05:38:21 (4 weeks ago)	104.28.228.55 - - [06/May/2026:08:38:18 +0300] "GET /wp-includes/style.php HTTP/1.1" 404 712 "-" "Go ... show more 104.28.228.55 - - [06/May/2026:08:38:18 +0300] "GET /wp-includes/style.php HTTP/1.1" 404 712 "-" "Go-http-client/1.1" 104.28.228.55 - - [06/May/2026:08:38:20 +0300] "GET /wp-admin/admin-ajax.php HTTP/1.1" 404 712 "-" "Go-http-client/1.1" ... show less	Web App Attack
Anonymous	2026-05-06 03:07:54 (4 weeks ago)	[Wed May 06 05:07:52.333461 2026] [proxy_fcgi:error] [pid 33530:tid 33642] [client 104.28.228.55:534 ... show more [Wed May 06 05:07:52.333461 2026] [proxy_fcgi:error] [pid 33530:tid 33642] [client 104.28.228.55:53446] AH01071: Got error 'Primary script unknown', referer: http://mail2.akcurate.de/style.php [Wed May 06 05:07:53.311679 2026] [proxy_fcgi:error] [pid 33764:tid 33792] [client 104.28.228.55:10993] AH01071: Got error 'Primary script unknown', referer: http://docs.akcurate.de/style.php [Wed May 06 05:07:53.380895 2026] [proxy_fcgi:error] [pid 33764:tid 33794] [client 104.28.228.55:10993] AH01071: Got error 'Primary script unknown', referer: http://docs.akcurate.de/wp-content/style.php [Wed May 06 05:07:53.399486 2026] [proxy_fcgi:error] [pid 33764:tid 33795] [client 104.28.228.55:10993] AH01071: Got error 'Primary script unknown', referer: http://docs.akcurate.de/wp-content/themes/style.php [Wed May 06 05:07:53.432478 2026] [proxy_fcgi:error] [pid 33764:tid 33809] [client 104.28.228.55:10993] AH01071: Got error 'Primary script unknown', referer: http://docs.akcurate.de/wp-includes/style.ph ... show less	Brute-Force Web App Attack
🇪🇸 masterguru	2026-05-05 10:47:58 (4 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-123) show less	Bad Web Bot
🇫🇷 Duggy_Tuxy🧱	2026-05-05 10:29:08 (4 weeks ago)	[SW-WS-PROD01] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
🇩🇪 kernel-error.de	2026-05-04 11:11:59 (4 weeks ago)	104.28.228.55 - - [04/May/2026:13:11:57 +0200] "GET /wp-content/style.php HTTP/2.0" 404 146 "http:// ... show more 104.28.228.55 - - [04/May/2026:13:11:57 +0200] "GET /wp-content/style.php HTTP/2.0" 404 146 "http://mta-sts.vandemeer.de/wp-content/style.php" "Go-http-client/2.0" www.kernel-error.de HTTP/2.0 https 0.000 - - - TLSv1.3 TLS_CHACHA20_POLY1305_SHA256 X25519 - 104.28.228.55 - - [04/May/2026:13:11:57 +0200] "GET /wp-content/themes/style.php HTTP/2.0" 404 146 "http://mta-sts.vandemeer.de/wp-content/themes/style.php" "Go-http-client/2.0" www.kernel-error.de HTTP/2.0 https 0.000 - - - TLSv1.3 TLS_CHACHA20_POLY1305_SHA256 X25519 - 104.28.228.55 - - [04/May/2026:13:11:57 +0200] "GET /wp-admin/style.php HTTP/2.0" 404 146 "http://mta-sts.vandemeer.de/wp-admin/style.php" "Go-http-client/2.0" www.kernel-error.de HTTP/2.0 https 0.000 - - - TLSv1.3 TLS_CHACHA20_POLY1305_SHA256 X25519 - 104.28.228.55 - - [04/May/2026:13:11:57 +0200] "GET /wp-includes/style.php HTTP/2.0" 404 146 "http://mta-sts.vandemeer.de/wp-includes/style.php" "Go-http-client/2.0" www.kernel-error.de HTTP/2.0 https 0.000 - - - TLSv1. ... show less	Web App Attack
🇳🇱 oisecnet	2026-05-04 08:52:16 (4 weeks ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-05-04. 33 requests from this ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-05-04. 33 requests from this IP. show less	Brute-Force Web App Attack SSH
🇳🇱 Site.eu	2026-05-04 05:47:40 (4 weeks ago)	Excessive multi-domain requests	Brute-Force
🇬🇧 poundawebsiteltd	2026-05-04 04:20:56 (4 weeks ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 104.28.228.55 - - [04/May/2026:05:20:55 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 104.28.228.55 - - [04/May/2026:05:20:55 +0100] GET /wp-admin/zwso.php HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
Anonymous	2026-05-04 01:20:10 (4 weeks ago)	104.28.228.55 - - [04/May/2026:03:20:00 +0200] "GET /wp-content/style.php HTTP/1.1" 404 124 "http:// ... show more 104.28.228.55 - - [04/May/2026:03:20:00 +0200] "GET /wp-content/style.php HTTP/1.1" 404 124 "http://pan.aiforlearning.co.zm/wp-content/style.php" "Go-http-client/1.1" 104.28.228.55 - - [04/May/2026:03:20:01 +0200] "GET /wp-content/themes/style.php HTTP/1.1" 404 124 "http://pan.aiforlearning.co.zm/wp-content/themes/style.php" "Go-http-client/1.1" 104.28.228.55 - - [04/May/2026:03:20:01 +0200] "GET /wp-includes/style.php HTTP/1.1" 404 124 "http://pan.aiforlearning.co.zm/wp-includes/style.php" "Go-http-client/1.1" 104.28.228.55 - - [04/May/2026:03:20:07 +0200] "GET /wp-content/plugins/hellopress/wp_mna.php HTTP/1.1" 404 124 "http://pan.aiforlearning.co.zm/wp-content/plugins/hellopress/wp_mna.php" "Go-http-client/1.1" 104.28.228.55 - - [04/May/2026:03:20:09 +0200] "GET /wp-content/plugins/index.php HTTP/1.1" 404 124 "http://pan.aiforlearning.co.zm/wp-content/plugins/index.php" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
🇩🇪 Philister11	2026-05-04 00:39:51 (4 weeks ago)	CrowdSec: crowdsecurity/http-admin-interface-probing (FR/AS13335)	Web App Attack Hacking
🇳🇿 Antinson	2026-05-03 22:18:37 (4 weeks ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 MPL	2026-05-03 17:51:05 (1 month ago)	tcp/80 (8 or more attempts)	Port Scan
🇬🇧 rakkor	2026-05-03 15:34:54 (1 month ago)	2026-05-03T16:34:53+01:00 NAS [Sun May 03 16:34:53.479072 2026] [proxy_fcgi:error] [pid 21824:tid 21 ... show more 2026-05-03T16:34:53+01:00 NAS [Sun May 03 16:34:53.479072 2026] [proxy_fcgi:error] [pid 21824:tid 21864] [client 104.28.228.55:55630] AH01071: Got error 'Primary script unknown', referer: http://rakkor-uk.direct.quickconnect.to/style.php ... show less	Brute-Force Hacking
🇺🇸 ph	2026-05-03 14:45:58 (1 month ago)	Bad web bot attempting to run wp-content on non-WP site	Hacking Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-03 11:28:30 (1 month ago)	104.28.228.55 - - [03/May/2026:14:28:29 +0300] "GET /wp-content/style.php HTTP/1.1" 404 718 "-" "Go- ... show more 104.28.228.55 - - [03/May/2026:14:28:29 +0300] "GET /wp-content/style.php HTTP/1.1" 404 718 "-" "Go-http-client/1.1" 104.28.228.55 - - [03/May/2026:14:28:29 +0300] "GET /wp-content/themes/style.php HTTP/1.1" 404 718 "-" "Go-http-client/1.1" ... show less	Web App Attack

Showing 91 to 105 of 237 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.38.131.131

🇺🇸 185.255.100.243

🇺🇸 178.156.198.226

🇺🇸 159.89.84.60

🇳🇱 91.92.241.254

🇺🇸 66.228.35.180

🇩🇪 43.228.157.234

🇧🇪 34.140.251.161

🇺🇸 32.196.136.187

🇺🇸 3.144.241.64

🇧🇪 2a00:1450:400c:c00::12c

🇧🇷 205.210.31.193

🇺🇸 172.183.7.194

🇵🇭 143.44.165.15

🇺🇸 137.184.122.216

🇰🇷 119.205.179.217

🇵🇱 87.251.64.141

🇳🇱 81.19.216.80

🇩🇪 69.5.169.22

🇩🇪 43.228.157.180