JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.17

104.28.163.17 was found in our database!

This IP was reported 401 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.17

Whois 104.28.163.17

IP Abuse Reports for 104.28.163.17:

This IP address has been reported a total of 401 times from 171 distinct sources. 104.28.163.17 was first reported on December 4th 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-25 12:43:24 (7 hours ago)	104.28.163.17 - - [25/Jun/2026:15:43:22 +0300] "GET /wp-login.php HTTP/1.1" 404 764 "-" "Mozilla/5.0 ... show more 104.28.163.17 - - [25/Jun/2026:15:43:22 +0300] "GET /wp-login.php HTTP/1.1" 404 764 "-" "Mozilla/5.0" 104.28.163.17 - - [25/Jun/2026:15:43:23 +0300] "GET /wp-login.php HTTP/1.1" 404 765 "-" "Mozilla/5.0" ... show less	Web App Attack
🇨🇳 pengpeng	2026-06-24 11:05:23 (1 day ago)	monitor: on VM-0-7-ubuntu \| port: 45959 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 45959 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Lino Project	2026-06-21 17:19:40 (4 days ago)	104.28.163.17 - - [21/Jun/2026:19:19:36 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Mozilla/5.0 ... show more 104.28.163.17 - - [21/Jun/2026:19:19:36 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/88.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-06-20 23:03:25 (4 days ago)	Accessed trap at '/wp-login.php'	Web App Attack
🇮🇩 RasyiidWho	2026-06-20 22:50:35 (4 days ago)	ip112.20 . 104.28.163.17 - - [21/Jun/2026:05:50:34 +0700] "GET /wp-login.php HTTP/1.1" 404 146 "-" " ... show more ip112.20 . 104.28.163.17 - - [21/Jun/2026:05:50:34 +0700] "GET /wp-login.php HTTP/1.1" 404 146 "-" "Mozilla/5.0" ... show less	DDoS Attack Brute-Force Port Scan Bad Web Bot Web App Attack SSH
🇨🇦 KIsmay	2026-06-18 19:50:19 (1 week ago)	Jun 18 15:05:31 www4 WPAudit[2389232]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:sisco888 FAIL J ... show more Jun 18 15:05:31 www4 WPAudit[2389232]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:sisco888 FAIL Jun 18 15:05:31 www4 WPAudit[2393752]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:sbd-admin888 FAIL Jun 18 15:28:33 www4 WPAudit[2393752]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:siscobc.com123 FAIL Jun 18 15:28:33 www4 WPAudit[2394519]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:siscobc.com123 FAIL Jun 18 15:50:18 www4 WPAudit[2400319]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:sisco@123 FAIL ... show less	Brute-Force Web App Attack
🇷🇴 iulianh	2026-06-18 19:05:01 (1 week ago)	25,465,587	Brute-Force SSH
🇳🇱 Site.eu	2026-06-18 17:36:47 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 ger-stg-sifi1	2026-06-18 16:21:00 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇫🇷 dynamix	2026-06-18 16:10:42 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 etu brutus	2026-06-18 15:30:22 (1 week ago)	104.28.163.17 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇩🇪 big-cloud.nl	2026-06-18 15:18:17 (1 week ago)	Try to access /xmlrpc.php	Web App Attack
🇨🇦 KIsmay	2026-06-18 13:04:01 (1 week ago)	Jun 18 08:29:57 www4 WPAudit[2360323]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:admin FAIL ... show more Jun 18 08:29:57 www4 WPAudit[2360323]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:admin FAIL Jun 18 08:29:57 www4 WPAudit[2361548]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:admin FAIL Jun 18 08:46:43 www4 WPAudit[2366811]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:admin888 FAIL Jun 18 08:46:43 www4 WPAudit[2360323]: 104.28.163.17 siscobc.com "Mozilla/5.0" sisco:admin888 FAIL Jun 18 09:04:01 www4 WPAudit[2372068]: 104.28.163.17 siscobc.com "Mozilla/5.0" sbd-admin:admin123 FAIL ... show less	Brute-Force Web App Attack
🇮🇩 sockominfo	2026-06-18 10:01:05 (1 week ago)	User login to application from malicious IP 104.28.163.17.. Threat Score: 3.6/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.17.. Threat Score: 3.6/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-18 09:00:53 (1 week ago)	User login to application from malicious IP 104.28.163.17.. Threat Score: 3.8/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.17.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack

Showing 1 to 15 of 401 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.216.224.85

🇺🇸 162.216.149.244

🇹🇭 147.50.103.212

🇨🇳 110.249.202.92

🇷🇺 89.23.113.208

🇹🇭 223.204.219.22

🇩🇪 216.26.249.174

🇩🇪 213.209.159.236

🇺🇸 195.184.76.173

🇩🇪 185.242.3.87

🇮🇹 185.197.9.67

🇨🇳 110.249.202.89

🇳🇱 91.92.40.66

🇷🇺 82.151.118.51

🇷🇴 80.94.92.234

🇮🇳 52.140.124.214

🇸🇦 51.36.218.70

🇳🇱 45.148.10.121

🇨🇳 8.140.225.151

🇺🇸 216.180.246.97