JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.26

104.28.163.26 was found in our database!

This IP was reported 305 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.26

Whois 104.28.163.26

IP Abuse Reports for 104.28.163.26:

This IP address has been reported a total of 305 times from 135 distinct sources. 104.28.163.26 was first reported on December 8th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 iulianh	2026-06-19 20:02:32 (10 hours ago)	25,465,587	Brute-Force SSH
Anonymous	2026-06-19 02:15:32 (1 day ago)	Fail2ban filtered ...	Web App Attack
🇨🇦 electronico	2026-06-18 21:45:46 (1 day ago)	104.28.163.26 - - [19/Jun/2026:08:45:44 +1100] "POST /xmlrpc.php HTTP/1.1" 503 22979 "-" "Mozilla/5. ... show more 104.28.163.26 - - [19/Jun/2026:08:45:44 +1100] "POST /xmlrpc.php HTTP/1.1" 503 22979 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇳🇱 oisecnet	2026-06-16 21:03:45 (3 days ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-16. 1 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-16. 1 requests from this IP. show less	Brute-Force Web App Attack SSH
🇬🇷 setupgr	2026-06-16 09:31:45 (3 days ago)	(WPLOGIN) WP Login Attack 104.28.163.26: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigg ... show more (WPLOGIN) WP Login Attack 104.28.163.26: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.28.163.26 - - [16/Jun/2026:12:28:47 +0300] "GET /wp-login.php HTTP/1.1" 200 2697 "-" "Mozilla/5.0" show less	Port Scan
🇦🇺 MAGIC	2026-06-16 01:22:38 (4 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 sockominfo	2026-06-15 07:00:53 (4 days ago)	User login to application from malicious IP 104.28.163.26.. Threat Score: 3.6/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.26.. Threat Score: 3.6/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-15 06:00:55 (5 days ago)	User login to application from malicious IP 104.28.163.26.. Threat Score: 3.7/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.26.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
Anonymous	2026-06-15 05:03:37 (5 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇮🇩 sockominfo	2026-06-15 05:00:53 (5 days ago)	User login to application from malicious IP 104.28.163.26.. Threat Score: 3.8/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.26.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-15 04:00:08 (5 days ago)	User login to application from malicious IP 104.28.163.26.. Threat Score: 0/10 (INFORMATIONAL). Repo ... show more User login to application from malicious IP 104.28.163.26.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-14 19:45:03 (5 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-13 09:32:39 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇳🇿 Antinson	2026-06-13 08:07:29 (6 days ago)	High error rate and elevated request volume targeting cPanel servers	Bad Web Bot
🇮🇩 sockominfo	2026-06-11 15:00:54 (1 week ago)	User login to application from malicious IP 104.28.163.26.. Threat Score: 3.8/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.26.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack

Showing 1 to 15 of 305 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 203.210.241.22

🇧🇷 177.30.64.65

🇺🇸 147.185.132.253

🇨🇦 85.217.149.62

🇩🇪 31.70.86.135

🇺🇸 152.32.234.97

🇩🇪 130.12.182.142

🇨🇦 85.217.149.69

🇰🇿 199.189.254.84

🇦🇷 181.191.220.203

🇨🇳 140.206.194.53

🇸🇬 103.250.11.176

🇧🇬 94.155.124.98

🇫🇷 85.217.140.52

🇫🇷 85.217.140.4

🇸🇬 47.84.141.113

🇺🇸 24.2.128.84

🇺🇸 18.217.208.51

🇺🇸 5.249.165.36

🇨🇳 223.199.170.213