JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.251.242

104.28.251.242 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 28%: ?

28%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇮🇩 Indonesia
City	Semarang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.251.242

Whois 104.28.251.242

IP Abuse Reports for 104.28.251.242:

This IP address has been reported a total of 11 times from 9 distinct sources. 104.28.251.242 was first reported on September 5th 2023, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-21 08:50:14 (3 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ksol-hostmaster	2026-06-21 08:27:53 (3 days ago)	2026/06/21 10:27:52 [error] 12190#161074: 2306557 access forbidden by rule, client: 104.28.251.242, ... show more 2026/06/21 10:27:52 [error] 12190#161074: 2306557 access forbidden by rule, client: 104.28.251.242, server: new.hondaforum.hu, request: "GET /js/facebook.js HTTP/2.0", host: "new.hondaforum.hu" ... show less	Web Spam
🇺🇸 xxkodedxx	2026-06-15 11:06:58 (1 week ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 8× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 8× edge-block in 10m window. Origin: HN / AS13335 Cloudflare, Inc. Active: 11:06:49→11:06:53 UTC Volume: 8 HTTP req Probed: /@vite/client, / Status mix: 444×8 Vhost fishing: teachme.ztx-lab.com UA: "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/128.0" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 Lee Daniel	2026-05-18 07:32:33 (1 month ago)	104.28.251.242 - - [18/May/2026:03:32:29 -0400] "GET /user/42 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 ( ... show more 104.28.251.242 - - [18/May/2026:03:32:29 -0400] "GET /user/42 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" 104.28.251.242 - - [18/May/2026:03:32:30 -0400] "GET /node/43 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" 104.28.251.242 - - [18/May/2026:03:32:31 -0400] "GET /user/43 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" 104.28.251.242 - - [18/May/2026:03:32:32 -0400] "GET /node/44 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" 104.28.251.242 - - [18/May/2026:03:32:33 -0400] "GET /user/44 HTTP/1.1" 404 47034 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Ch ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 10:18:12 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 104.28.251.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.28.251.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 06:18:08.539750 2026] [security2:error] [pid 5287:tid 5287] [client 104.28.251.242:41855] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.famagustacyprus.eu\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.famagustacyprus.eu"] [uri "/wp-json/wp/v2/users"] [unique_id "aghEYCeyQeVEUcqaWeRv_QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-11-09 12:51:18 (1 year ago)	Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2024-11-03 03:32:54 (1 year ago)	Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2024-05-29 04:59:55 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇩 hermawan	2023-12-07 01:04:30 (2 years ago)	[Thu Dec 07 08:04:24.669399 2023] [security2:error] [pid 315051:tid 139898849019456] [client 104.28. ... show more [Thu Dec 07 08:04:24.669399 2023] [security2:error] [pid 315051:tid 139898849019456] [client 104.28.251.242:14367] [client 104.28.251.242] ModSecurity: Access denied with code 403 (phase 1). Match of "pm www.google.com https://www.google.fi/ android-app://com.google.android.gm https://homepage.miui.com/ myactivity.google.com applebot iPhone bingbot https://yandex.com/ https://www.google.com.tw sih3.dpuair.jatimprov.go.id duckduckgo.com neeva.com mail. ..." against "REQUEST_HEADERS:Referer" required. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "63"] [id "440067"] [msg "BAD Referer"] [data "Matched Data: staklim-jatim.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.perplexity.ai/ request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2023/Mengenal_Fenomena_Indian_Ocean_Dipole_Yang_Terjadi_di_Samudra_Hindia.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatol ... show less	Hacking Web App Attack
Anonymous	2023-09-05 19:15:02 (2 years ago)		Web Spam Email Spam Blog Spam Bad Web Bot Web App Attack
🇬🇧 ASPAN	2023-09-05 17:25:03 (2 years ago)	Unsolicited connection attempt(s), port:27587.	Port Scan

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 135.181.182.250

🇩🇪 130.12.180.51

🇺🇸 129.121.102.3

🇺🇸 24.105.248.218

🇰🇷 220.118.173.234

🇺🇸 47.251.187.142

🇱🇹 45.227.254.170

🇸🇬 43.173.180.254

🇩🇪 167.94.146.42

🇺🇸 145.223.7.24

🇺🇸 91.230.168.5

🇬🇧 89.37.172.148

🇨🇦 85.217.149.66

🇺🇸 195.184.76.128

🇳🇱 172.94.9.55

🇨🇳 123.145.129.56

🇺🇸 65.110.40.49

🇺🇸 45.41.172.66

🇺🇸 2a04:c300:400::178

🇺🇸 192.178.37.24