JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.156.148

104.28.156.148 was found in our database!

This IP was reported 324 times. Confidence of Abuse is 90%: ?

90%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.156.148

Whois 104.28.156.148

IP Abuse Reports for 104.28.156.148:

This IP address has been reported a total of 324 times from 131 distinct sources. 104.28.156.148 was first reported on December 9th 2022, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 rafale2k	2026-06-15 16:38:21 (4 days ago)	WordPress Brute Force	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-15 00:30:21 (5 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TAY	2026-06-12 02:09:48 (1 week ago)	104.28.156.148 - - [12/Jun/2026:10:09:46 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:10:09:46 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:10:09:46 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:10:09:46 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-12 01:07:45 (1 week ago)	104.28.156.148 - - [12/Jun/2026:09:07:38 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:09:07:38 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:09:07:40 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:09:07:44 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-12 00:05:35 (1 week ago)	104.28.156.148 - - [12/Jun/2026:08:05:33 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:08:05:33 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:08:05:33 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:08:05:33 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-11 23:03:15 (1 week ago)	104.28.156.148 - - [12/Jun/2026:07:03:15 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:07:03:15 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:07:03:15 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:07:03:15 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-11 21:59:11 (1 week ago)	104.28.156.148 - - [12/Jun/2026:05:59:09 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:05:59:09 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:05:59:09 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:05:59:10 +0800] "POST /wp-login.php HTTP/1.1" 200 10419 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-11 20:52:44 (1 week ago)	104.28.156.148 - - [12/Jun/2026:04:52:43 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:04:52:43 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:04:52:43 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:04:52:43 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-11 19:48:19 (1 week ago)	104.28.156.148 - - [12/Jun/2026:03:48:18 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:03:48:18 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:03:48:18 +0800] "POST /wp-login.php HTTP/1.1" 200 15546 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:03:48:18 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-11 18:41:36 (1 week ago)	104.28.156.148 - - [12/Jun/2026:02:41:35 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla ... show more 104.28.156.148 - - [12/Jun/2026:02:41:35 +0800] "POST /wp-login.php HTTP/1.1" 200 15576 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:02:41:35 +0800] "POST /wp-login.php HTTP/1.1" 200 15594 "-" "Mozilla/5.0" 104.28.156.148 - - [12/Jun/2026:02:41:36 +0800] "POST /wp-login.php HTTP/1.1" 200 10389 "-" "Mozilla/5.0" ... show less	Brute-Force
🇮🇩 sockominfo	2026-06-11 10:00:54 (1 week ago)	User login to application from malicious IP 104.28.156.148.. Threat Score: 3.7/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.156.148.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-11 09:00:52 (1 week ago)	User login to application from malicious IP 104.28.156.148.. Threat Score: 4.1/10 (MEDIUM). Confiden ... show more User login to application from malicious IP 104.28.156.148.. Threat Score: 4.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-11 08:00:09 (1 week ago)	User login to application from malicious IP 104.28.156.148.. Threat Score: 0/10 (INFORMATIONAL). Rep ... show more User login to application from malicious IP 104.28.156.148.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇺🇸 jormaster3k	2026-06-10 10:06:11 (1 week ago)	Attack against WordPress	Web App Attack
🇺🇸 nyt	2026-06-09 11:47:24 (1 week ago)	Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF, Bare UA + POST	Brute-Force Web App Attack

Showing 1 to 15 of 324 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇨 181.39.152.195

🇱🇹 81.30.98.144

🇺🇸 64.62.197.39

🇺🇸 45.91.81.111

🇰🇷 43.133.80.51

🇩🇪 194.88.98.90

🇭🇰 185.242.232.164

🇧🇷 153.67.111.195

🇸🇬 118.26.111.107

🇰🇷 112.121.204.181

🇰🇪 102.213.49.18

🇺🇸 91.242.72.11

🇫🇷 85.217.140.34

🇹🇷 81.214.38.139

🇳🇱 77.60.231.50

🇬🇧 35.203.211.143

🇬🇧 5.226.140.57

🇩🇪 2.27.20.149

🇺🇸 216.244.83.2

🇺🇸 216.180.246.109