🇬🇧
consul.to
2026-06-03 09:54:29
(13 hours ago)
Web attack/malicious scanning detected
Web App Attack
🇳🇱
Site.eu
2026-06-03 05:28:23
(18 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
🇮🇩
sockominfo
2026-06-02 02:00:46
(1 day ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-02 01:00:39
(1 day ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 4.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
Anonymous
2026-06-01 10:48:46
(2 days ago)
Try to connect to Port_Scan_15000_stealth
Port Scan
🇮🇩
sockominfo
2026-06-01 06:00:39
(2 days ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 3.4/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-01 05:00:40
(2 days ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 3.5/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-01 04:00:44
(2 days ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 3.6/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-01 01:00:12
(2 days ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇩🇪
R.G.
2026-05-31 14:27:48
(3 days ago)
(XMLRPCorWHATEVER) Get lost please 104.28.163.97 (SG/Singapore/-): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
Web App Attack
🇫🇷
Kenshin869
2026-05-31 11:57:21
(3 days ago)
Wordpress unauthorized access attempt
Brute-Force
🇺🇸
Jason Howell
2026-05-31 11:55:27
(3 days ago)
104.28.163.97 - - [31/May/2026:06:40:39 -0500] "GET /wp-login.php HTTP/1.1" 200 3944 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15"
104.28.163.97 - - [31/May/2026:06:54:31 -0500] "POST /wp-login.php HTTP/1.1" 200 4309 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0"
104.28.163.97 - - [31/May/2026:06:54:31 -0500] "POST /wp-login.php HTTP/1.1" 200 4328 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0"
104.28.163.97 - - [31/May/2026:06:54:31 -0500] "POST /wp-login.php HTTP/1.1" 200 4332 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15"
104.28.163.97 - - [31/May/2026:06:55:26 -0500] "POST /wp-login.php HTTP/1.1" 200 2051 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0"
...
Web App Attack
🇩🇪
big-cloud.nl
2026-05-31 10:48:11
(3 days ago)
Try to access /xmlrpc.php
Web App Attack
Anonymous
2026-05-29 10:59:36
(5 days ago)
Aggressive web scan
Web App Attack
🇮🇩
sockominfo
2026-05-25 13:00:39
(1 week ago)
User login to application from malicious IP 104.28.163.97.. Threat Score: 3.6/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack