JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.249.138

104.28.249.138 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇳🇱 Netherlands
City	Utrecht, Utrecht

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.249.138

Whois 104.28.249.138

IP Abuse Reports for 104.28.249.138:

This IP address has been reported a total of 86 times from 66 distinct sources. 104.28.249.138 was first reported on May 1st 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Mendip_Defender	2026-06-28 17:29:47 (1 hour ago)	104.28.249.138 - - [28/Jun/2026:18:29:39 +0100] "GET /.aws/credentials HTTP/1.1" 404 5003 "-" "Mozil ... show more 104.28.249.138 - - [28/Jun/2026:18:29:39 +0100] "GET /.aws/credentials HTTP/1.1" 404 5003 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
🇫🇷 masterguru	2026-06-28 08:11:27 (10 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇫🇷 masterguru	2026-06-28 05:03:40 (13 hours ago)	Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇩🇪 Bedios GmbH	2026-06-28 00:44:56 (17 hours ago)	Login credentials theft attempt	Hacking
🇳🇱 Site.eu	2026-06-27 23:47:06 (18 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Site.eu	2026-06-27 23:27:33 (19 hours ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 FeG Deutschland	2026-06-27 20:17:32 (22 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇩🇪 Holger	2026-06-27 17:35:16 (1 day ago)	Bruteforce WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-27 13:36:02 (1 day ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-27 13:27:03 (1 day ago)	104.28.249.138 - - [27/Jun/2026:07:27:03 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5. ... show more 104.28.249.138 - - [27/Jun/2026:07:27:03 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" ... show less	Web App Attack
🇩🇪 raph	2026-06-27 12:30:40 (1 day ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇦🇹 penguin-solutions.at	2026-06-27 12:24:31 (1 day ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇦🇺 aranguren.org	2026-06-27 12:21:23 (1 day ago)	104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /vault.env HTTP/2.0" 404 985 "-" "anthropic-ai" ... show more 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /vault.env HTTP/2.0" 404 985 "-" "anthropic-ai" 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /.aws/credentials HTTP/2.0" 404 985 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /v1/graphql HTTP/2.0" 404 985 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /config/secrets.yml HTTP/2.0" 404 985 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /.git/config HTTP/2.0" 404 985 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 104.28.249.138 - - [27/Jun/2026:22:21:22 +1000] "GET /storage/logs/laravel.log HTTP/2.0" 404 985 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" ... show less	Bad Web Bot
🇪🇸 alferez	2026-06-27 12:01:24 (1 day ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇹🇼 ip4.tw	2026-06-27 10:35:01 (1 day ago)	Malicious web scan	Hacking Web App Attack

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.221

🇸🇬 172.188.89.41

🇱🇰 112.135.182.103

🇳🇱 91.92.40.7

🇺🇸 74.94.234.151

🇰🇷 221.162.218.85

🇲🇽 187.189.214.162

🇷🇺 185.26.30.112

🇨🇳 183.230.155.13

🇻🇳 113.171.81.144

🇷🇺 93.77.187.140

🇿🇼 74.244.197.230

🇩🇪 2a01:4f8:150:13a5::100:38

🇹🇼 198.235.24.92

🇺🇸 185.226.196.25

🇨🇳 116.172.130.79

🇬🇦 102.208.104.197

🇺🇸 74.125.181.156

🇸🇰 66.56.86.57

🇻🇳 14.225.173.146