JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.159.50

104.28.159.50 was found in our database!

This IP was reported 279 times. Confidence of Abuse is 59%: ?

59%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.159.50

Whois 104.28.159.50

IP Abuse Reports for 104.28.159.50:

This IP address has been reported a total of 279 times from 161 distinct sources. 104.28.159.50 was first reported on May 17th 2023, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-16 14:54:47 (4 hours ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (88020-196)	Hacking
Anonymous	2026-06-15 21:18:49 (21 hours ago)	104.28.159.50 - - [15/Jun/2026:23:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 2851 "-" "Mozilla/5 ... show more 104.28.159.50 - - [15/Jun/2026:23:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 2851 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" 104.28.159.50 - - [15/Jun/2026:23:06:39 +0200] "POST /wp-login.php HTTP/1.1" 200 3345 "-" "Mozilla/5.0 (Linux; Android 15; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36" 104.28.159.50 - - [15/Jun/2026:23:06:42 +0200] "POST /wp-login.php HTTP/1.1" 200 2838 "-" "Mozilla/5.0 (Linux; Android 15; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36" 104.28.159.50 - - [15/Jun/2026:23:18:48 +0200] "POST /wp-login.php HTTP/1.1" 200 3484 "-" "Mozilla/5.0 (Linux; Android 15; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36" 104.28.159.50 - - [15/Jun/2026:23:18:49 +0200] "POST /wp-login.php HTTP/1.1" 200 2851 "-" "Mozilla/5.0 (Linux; Android 15; Pixel 9) AppleWebKit/537.36 (KHTML, like Ge ... show less	Brute-Force Web App Attack
Anonymous	2026-06-11 21:40:54 (4 days ago)	IP banned by Fail2Ban due to multiple malicious requests on Nginx	Brute-Force SSH Web App Attack
🇺🇸 xmission.com	2026-06-09 20:24:19 (6 days ago)	Blocked by UFW (TCP on 11110) Source port: 42518 TTL: 49 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 11110) Source port: 42518 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 104.28.159.50) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-07 21:34:59 (1 week ago)	Blocked by UFW (TCP on 11110) Source port: 42841 TTL: 49 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 11110) Source port: 42841 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 104.28.159.50) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 big-cloud.nl	2026-06-04 15:04:09 (1 week ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-06-02 18:39:48 (2 weeks ago)	Try to connect to Port_Scan_15000_stealth	Port Scan
🇧🇪 cmbplf	2026-05-29 19:26:57 (2 weeks ago)	4.948 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇩🇪 big-cloud.nl	2026-05-29 16:58:52 (2 weeks ago)	Try to access /xmlrpc.php	Web App Attack
🇩🇪 LRob.fr	2026-05-22 22:30:07 (3 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 R.G.	2026-05-22 22:29:45 (3 weeks ago)	(XMLRPCorWHATEVER) Get lost please 104.28.159.50 (SG/Singapore/-): 3 in the last 900 secs; Ports: ; ... show more (XMLRPCorWHATEVER) Get lost please 104.28.159.50 (SG/Singapore/-): 3 in the last 900 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 raymarron.com	2026-05-21 19:38:33 (3 weeks ago)	/wp-login.php	Web App Attack
🇲🇽 octageeks.com	2026-05-16 04:06:32 (1 month ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇮🇩 sockominfo	2026-05-12 14:00:17 (1 month ago)	User login to application from malicious IP 104.28.159.50.. Threat Score: 0/10 (INFORMATIONAL). Repo ... show more User login to application from malicious IP 104.28.159.50.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-05-07 15:49:05 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH

Showing 1 to 15 of 279 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 207.219.221.101

🇺🇸 191.96.150.250

🇮🇳 165.22.221.65

🇻🇪 154.194.13.95

🇺🇸 152.32.150.117

🇮🇳 103.248.120.6

🇷🇺 85.174.180.237

🇧🇷 45.164.251.106

🇩🇪 37.114.49.47

🇬🇧 35.203.211.160

🇹🇷 213.74.135.179

🇮🇳 168.144.127.145

🇻🇪 138.122.4.13

🇨🇳 118.196.56.74

🇨🇳 111.36.152.14

🇮🇩 103.157.48.80

🇱🇾 102.221.11.131

🇲🇦 102.103.173.224

🇫🇮 91.204.74.10

🇺🇸 89.208.245.72