JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.27

104.28.163.27 was found in our database!

This IP was reported 201 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.27

Whois 104.28.163.27

IP Abuse Reports for 104.28.163.27:

This IP address has been reported a total of 201 times from 99 distinct sources. 104.28.163.27 was first reported on January 20th 2025, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 dbmwebdesign	2026-05-14 11:07:09 (2 weeks ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇮 TrafficAnalyser	2026-05-13 04:09:14 (3 weeks ago)	Port scanning	Port Scan
🇳🇱 Roderic	2026-05-13 03:05:23 (3 weeks ago)	Port Scan detected from 104.28.163.27 (SG/Singapore/-/Singapore/-/[redacted]).	Port Scan
🇫🇷 masterguru	2026-05-13 01:47:02 (3 weeks ago)	Port Scan detected from 104.28.163.27 (IE/Ireland/-). 11 hits in the last 278 seconds (0-193)	Port Scan
🇬🇧 NotCool	2026-05-13 01:42:11 (3 weeks ago)	[3600] Port Scan detected from 104.28.163.27 (IE/-/-). 11 hits in the last 80 seconds	Brute-Force
🇩🇪 R.G.	2026-05-13 01:24:35 (3 weeks ago)	Port Scan detected from 104.28.163.27 (IE/Ireland/-). 13 hits in the last 30 seconds; Ports: ; Di ... show more Port Scan* detected from 104.28.163.27 (IE/Ireland/-). 13 hits in the last 30 seconds; Ports: ; Direction: in; Trigger: PS_LIMIT; Logs: May 13 03:24:18 kernel: Firewall: TCP_IN Blocked* IN=enp5s0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx00 SRC=104.28.163.27 DST=0.X.X.X LEN show less	Port Scan
🇩🇪 paissangroup	2026-05-12 12:10:53 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇧🇪 voormedia	2026-05-10 06:30:58 (3 weeks ago)	Accessed trap at '/wp-login.php'	Web App Attack
🇩🇪 FeG Deutschland	2026-05-10 06:19:57 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 lostswordfish.com	2026-05-09 14:34:05 (3 weeks ago)	Wordfence waf block on fairregistry	Web App Attack
🇩🇪 paissangroup	2026-05-09 04:25:14 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇫🇷 SpaceHost-Server	2026-05-08 22:25:38 (3 weeks ago)		Brute-Force Web App Attack
Anonymous	2026-05-08 14:34:02 (3 weeks ago)	Fail2ban filtered ...	Web App Attack
🇮🇩 sockominfo	2026-05-08 11:00:39 (3 weeks ago)	User login to application from malicious IP 104.28.163.27.. Threat Score: 3.7/10 (LOW). Confidence: ... show more User login to application from malicious IP 104.28.163.27.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-05-08 10:00:39 (3 weeks ago)	User login to application from malicious IP 104.28.163.27.. Threat Score: 4.1/10 (MEDIUM). Confidenc ... show more User login to application from malicious IP 104.28.163.27.. Threat Score: 4.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack

Showing 31 to 45 of 201 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.152

🇮🇪 108.130.47.249

🇬🇧 74.114.29.149

🇸🇦 50.60.31.180

🇺🇸 69.164.214.243

🇳🇱 45.156.87.117

🇺🇸 162.216.150.110

🇩🇪 152.70.18.38

🇭🇰 152.32.129.236

🇫🇮 147.185.133.167

🇸🇦 142.154.10.87

🇮🇱 46.116.141.53

🇩🇪 43.228.157.201

🇰🇿 37.150.87.223

🇨🇳 106.37.72.234

🇱🇺 88.207.195.88

🇭🇰 45.142.154.87

🇹🇿 41.93.32.88

🇵🇱 2a04:c605:409:92:9999::232

🇺🇸 2607:f8b0:4004:c23::128