JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.18

104.28.163.18 was found in our database!

This IP was reported 193 times. Confidence of Abuse is 80%: ?

80%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.18

Whois 104.28.163.18

IP Abuse Reports for 104.28.163.18:

This IP address has been reported a total of 193 times from 83 distinct sources. 104.28.163.18 was first reported on February 7th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 Honzas	2026-06-09 05:48:56 (3 days ago)	Automatic report:09.06.2026 5:48:56. Port:587	Email Spam
🇫🇷 SpaceHost-Server	2026-06-05 22:25:34 (1 week ago)		Brute-Force Web App Attack
🇮🇩 sockominfo	2026-06-05 08:00:39 (1 week ago)	User login to application from malicious IP 104.28.163.18.. Threat Score: 3.9/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.18.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 33%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
Anonymous	2026-06-01 12:47:10 (1 week ago)	Blocked by siteaihub.com: auto: matched exact:/wp-login.php	Web App Attack Hacking
🇩🇪 FeG Deutschland	2026-06-01 12:25:33 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇮 inlink.ltd	2026-06-01 11:16:52 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-06-01 10:48:47 (1 week ago)	Try to connect to Port_Scan_15000_stealth	Port Scan
🇮🇩 sockominfo	2026-05-29 09:00:42 (2 weeks ago)	User login to application from malicious IP 104.28.163.18.. Threat Score: 4.1/10 (MEDIUM). Confidenc ... show more User login to application from malicious IP 104.28.163.18.. Threat Score: 4.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-05-29 08:00:17 (2 weeks ago)	User login to application from malicious IP 104.28.163.18.. Threat Score: 0/10 (INFORMATIONAL). Repo ... show more User login to application from malicious IP 104.28.163.18.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-05-27 07:30:07 (2 weeks ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 ELYAZ	2026-05-27 00:45:39 (2 weeks ago)	(wordpress) Failed wordpress login from 104.28.163.18 (SG/Singapore/-): (CF_ENABLE)	Brute-Force
🇲🇽 octageeks.com	2026-05-26 04:06:20 (2 weeks ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇩🇪 Prodscape	2026-05-23 08:41:52 (2 weeks ago)	(XMLRPC) WP XMLPRC Attack 104.28.163.18 (IE/Ireland/-): 5 in the last 86400 secs; Ports: ; Directio ... show more (XMLRPC) WP XMLPRC Attack 104.28.163.18 (IE/Ireland/-): 5 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER show less	Port Scan
🇦🇺 screwlooseit.com.au	2026-05-22 08:31:27 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
Anonymous	2026-05-21 11:45:56 (3 weeks ago)	104.28.163.18 - - [21/May/2026:13:40:19 +0200] "POST /wp-login.php HTTP/1.0" 200 2915 "-" "Mozilla/5 ... show more 104.28.163.18 - - [21/May/2026:13:40:19 +0200] "POST /wp-login.php HTTP/1.0" 200 2915 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15" 104.28.163.18 - - [21/May/2026:13:40:20 +0200] "POST /wp-login.php HTTP/1.1" 200 2377 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15" 104.28.163.18 - - [21/May/2026:13:40:19 +0200] "POST /wp-login.php HTTP/1.0" 200 2886 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/129.0.0.0 Safari/537.36" 104.28.163.18 - - [21/May/2026:13:40:21 +0200] "POST /wp-login.php HTTP/1.1" 200 2348 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/129.0.0.0 Safari/537.36" 104.28.163.18 - - [21/May/2026:13:45:54 +0200] "POST /wp-login.php HTTP/1.0" 200 2915 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15" ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 193 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.97.150

🇭🇰 199.45.154.180

🇺🇦 91.234.32.54

🇺🇸 72.17.34.38

🇺🇸 2600:1f10:4310:fa00:27f8:8a16:1c85:57a0

🇺🇸 208.84.100.251

🇲🇩 176.123.2.115

🇺🇸 107.152.11.99

🇳🇱 85.137.53.163

🇺🇸 73.44.201.31

🇺🇸 66.210.103.19

🇨🇳 60.161.0.235

🇸🇬 20.6.35.235

🇭🇰 223.197.178.95

🇰🇷 211.223.107.86

🇺🇸 192.69.120.248

🇺🇸 162.243.138.30

🇦🇪 153.75.91.28

🇭🇰 150.5.169.176

🇫🇮 147.185.133.97