JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.228.56

104.28.228.56 was found in our database!

This IP was reported 319 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇫🇷 France
City	Strasbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.228.56

Whois 104.28.228.56

IP Abuse Reports for 104.28.228.56:

This IP address has been reported a total of 319 times from 137 distinct sources. 104.28.228.56 was first reported on October 28th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-21 12:49:08 (2 hours ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 todix	2026-06-21 10:06:37 (5 hours ago)	Web App Attack Exploid from 104.28.228.56	Web App Attack
🇩🇪 MarkGGN	2026-06-20 23:39:31 (15 hours ago)	Web attack. [1781998770] [0.01228] [www.] [#5984661] [0] [1] [104.28.228.56] [404] [GET] [/wp-admin ... show more Web attack. [1781998770] [0.01228] [www.] [#5984661] [0] [1] [104.28.228.56] [404] [GET] [/wp-admin/admin-ajax.php] [Blocked access to admin-ajax.php] [hex:626f7420646574656374696f6e20697320656e61626c6564] [1781998770] [0.00559] [www.*] [#5187032] [0] [1] [104.28.228.56] [404] [GET] [/wp-admin/admin-ajax.php] [Blocked access to admin-ajax.php] [hex:626f7420646574656374696f6e20697320656e61626c6564] show less	Web App Attack
🇩🇪 club77	2026-06-20 23:35:40 (16 hours ago)	104.28.228.56 - - [21/Jun/2026:07:35:31 +0800] "GET /gifclass.php HTTP/2.0" 404 101661 "http://vicin ... show more 104.28.228.56 - - [21/Jun/2026:07:35:31 +0800] "GET /gifclass.php HTTP/2.0" 404 101661 "http://vicinity.live/gifclass.php#888xyz999" "Go-http-client/2.0" 104.28.228.56 - - [21/Jun/2026:07:35:39 +0800] "GET /bless.php HTTP/2.0" 404 101634 "http://vicinity.live/bless.php#888xyz999" "Go-http-client/2.0" 104.28.228.56 - - [21/Jun/2026:07:35:39 +0800] "GET /class-t.api.php HTTP/2.0" 404 101322 "http://vicinity.live/class-t.api.php#888xyz999" "Go-http-client/2.0" ... show less	Web App Attack
🇩🇪 simsung	2026-06-20 20:16:20 (19 hours ago)	104.28.228.56 - - [20/Jun/2026:20:16:19 +0000] "GET /ms-themes.php HTTP/2.0" 403 146 "http://eliato. ... show more 104.28.228.56 - - [20/Jun/2026:20:16:19 +0000] "GET /ms-themes.php HTTP/2.0" 403 146 "http://eliato.co.uk/ms-themes.php" "Go-http-client/2.0" ... show less	Bad Web Bot
🇷🇺 sms.ru	2026-06-20 18:20:17 (21 hours ago)	/wp-admin/txets.php	Web App Attack
🇬🇧 consul.to	2026-06-20 15:37:48 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 masterguru	2026-06-20 06:01:45 (1 day ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-193) show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-18 21:00:36 (2 days ago)	Excessive multi-domain requests	Brute-Force
🇬🇧 Mendip_Defender	2026-06-18 13:56:02 (3 days ago)	104.28.228.56 - - [18/Jun/2026:14:55:55 +0100] "GET /ms-themes.php HTTP/1.1" 301 162 "-" "Go-http-cl ... show more 104.28.228.56 - - [18/Jun/2026:14:55:55 +0100] "GET /ms-themes.php HTTP/1.1" 301 162 "-" "Go-http-client/1.1" 104.28.228.56 - - [18/Jun/2026:14:55:56 +0100] "GET /ms-themes.php HTTP/1.1" 404 4058 "http://w4x4r.org.uk/ms-themes.php" "Go-http-client/2.0" 104.28.228.56 - - [18/Jun/2026:14:55:56 +0100] "GET /chosen.php?p= HTTP/1.1" 404 4058 "http://w4x4r.org.uk/chosen.php?p=" "Go-http-client/2.0" ... show less	Hacking Web App Attack
🇬🇧 consul.to	2026-06-17 23:12:37 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-17 08:59:17 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 ghostwarriors	2026-06-16 10:20:38 (5 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Guardian	2026-06-16 01:25:34 (5 days ago)	Multi abuses [2]: Scanning for installed WordPress and vulnerabilities (x6), Unauthorized connection ... show more Multi abuses [2]: Scanning for installed WordPress and vulnerabilities (x6), Unauthorized connection attempt / Port scanning (x7) 104.28.228.56 [16/Jun/2026:01:25:32] "GET /wp-content/plugins/index.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /wp-content/plugins/index.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /wp-content/index.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /wp-content/index.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /ioxi-o.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /ioxi-o.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /insc.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /insc.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /classwithtostring.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:32] "GET /classwithtostring.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:33] "GET /txets.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:33] "GET /wp-content/themes/txets.php HTTP/1.1" 104.28.228.56 [16/Jun/2026:01:25:33 show less	Port Scan Web App Attack
🇬🇧 venus.launch.bz	2026-06-16 00:50:30 (5 days ago)	(gohttpua) Bad UA Go-http-client from 104.28.228.56 (FR/France/-)	Hacking

Showing 1 to 15 of 319 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.241.112.77

🇮🇶 65.20.138.3

🇳🇱 45.148.10.152

🇸🇬 43.159.36.73

🇯🇵 8.209.239.57

🇬🇧 195.206.182.218

🇺🇸 184.174.44.118

🇧🇷 170.245.250.151

🇮🇳 103.215.237.40

🇳🇬 102.140.97.134

🇺🇸 34.224.180.177

🇭🇰 1.36.176.132

🇺🇸 136.111.221.28

🇮🇳 122.161.66.25

🇺🇸 104.234.53.145

🇺🇸 48.214.144.34

🇸🇨 45.194.67.130

🇺🇸 45.56.83.247

🇪🇨 193.30.14.166

🇺🇸 64.62.156.58