JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.50

104.28.163.50 was found in our database!

This IP was reported 171 times. Confidence of Abuse is 83%: ?

83%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.50

Whois 104.28.163.50

IP Abuse Reports for 104.28.163.50:

This IP address has been reported a total of 171 times from 91 distinct sources. 104.28.163.50 was first reported on December 28th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 clauss	2026-06-21 13:52:53 (10 hours ago)	IP reached maximum auth failures for a one day block	Brute-Force
🇫🇷 dusfor72	2026-06-21 09:56:36 (14 hours ago)	stupid web attack ...	Brute-Force Web App Attack
🇩🇪 Phenix Info	2026-06-21 07:32:01 (16 hours ago)	SmallGuard.fr/Prestashop Honeypot	Web App Attack
🇩🇪 FeG Deutschland	2026-06-20 16:48:01 (1 day ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇨🇿 Honzas	2026-06-19 07:38:31 (2 days ago)	Brute Force SMTP AUTH Attack	Brute-Force
🇺🇸 [email protected]	2026-06-18 17:52:09 (3 days ago)	Total attacks: 1	Brute-Force
🇪🇸 masterguru	2026-06-18 00:31:56 (3 days ago)	(xmlrpc) Failed xmlrpc access from 104.28.163.50 (IE/Ireland/-): 5 in the last 3600 secs (0-122)	Hacking
🇳🇱 Roderic	2026-06-07 07:38:31 (2 weeks ago)	Port Scan detected from 104.28.163.50 (HK/Hong Kong/-/Hong Kong/-/[redacted]).	Port Scan
Anonymous	2026-06-06 13:06:45 (2 weeks ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: HK, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: HK, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 22:14:37 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:14:30.312257 2026] [security2:error] [pid 11645:tid 11645] [client 104.28.163.50:49321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pointillistic.com"] [uri "/ren//sftp-config.json"] [unique_id "aiNKRl3-DlXVZWTpthD7EQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 21:18:51 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 17:18:47.564763 2026] [security2:error] [pid 23166:tid 23166] [client 104.28.163.50:49710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-belgium.com"] [uri "/sftp-config.json"] [unique_id "aiM9N0dpCqe31RdB1e35kAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 20:50:34 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:50:29.060690 2026] [security2:error] [pid 21448:tid 21448] [client 104.28.163.50:49061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-boat-germany.com"] [uri "/sftp-config.json"] [unique_id "aiM2lftPlJEnjLlDtozAjwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 19:07:09 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 15:07:04.279895 2026] [security2:error] [pid 15728:tid 15728] [client 104.28.163.50:48882] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pbhomesinc.net"] [uri "/sftp-config.json"] [unique_id "aiMeWEhgNlNY84mNFg2S7AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 18:08:02 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.28.163.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:07:55.426595 2026] [security2:error] [pid 5946:tid 5946] [client 104.28.163.50:49438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.animz.com"] [uri "/deliveryishere//sftp-config.json"] [unique_id "aiMQe2tEDtqvQ42abw9OgQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-06-05 16:51:23 (2 weeks ago)	trolling for resource vulnerabilities	Web App Attack

Showing 1 to 15 of 171 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 195.94.241.98

🇸🇬 194.5.82.123

🇰🇷 180.182.234.22

🇨🇴 177.93.48.89

🇩🇪 151.243.11.248

🇨🇳 112.46.214.66

🇨🇳 112.28.130.136

🇳🇱 45.148.10.141

🇬🇧 2a06:4884:1000::16

🇹🇼 198.235.24.73

🇷🇺 195.239.47.189

🇷🇺 193.242.177.154

🇺🇸 192.155.84.74

🇳🇱 176.65.148.132

🇸🇬 172.188.89.41

🇮🇳 154.210.208.250

🇨🇳 117.34.85.169

🇬🇧 94.175.199.226

🇳🇱 91.92.40.204

🇫🇮 65.21.150.20