JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.163.99

104.28.163.99 was found in our database!

This IP was reported 260 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.163.99

Whois 104.28.163.99

IP Abuse Reports for 104.28.163.99:

This IP address has been reported a total of 260 times from 142 distinct sources. 104.28.163.99 was first reported on January 22nd 2025, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 6kilowatti	2026-05-15 15:21:18 (2 weeks ago)	2026-05-15T18:21:17.421149+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-05-15T18:21:17.421149+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=104.28.163.99 DST=5.61.88.83 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=38795 DF PROTO=TCP SPT=23544 DPT=2082 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 sumnone	2026-05-15 14:39:52 (2 weeks ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
🇩🇪 David Ferneding	2026-05-15 14:37:23 (2 weeks ago)	Blocked by UFW (TCP on 2082) Source port: 23503 TTL: 58 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2082) Source port: 23503 TTL: 58 Packet length: 60 TOS: 0x00 This report (for 104.28.163.99) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇲🇾 Rizzy	2026-05-15 13:07:30 (2 weeks ago)	Multiple failed cPanel logins	Web App Attack
🇩🇪 grassau.com	2026-05-15 13:02:03 (2 weeks ago)	Port Scan detected from 104.28.163.99 (SG/Singapore/-/Singapore/-).	Port Scan
🇨🇦 Blinker73	2026-05-15 12:54:44 (2 weeks ago)	2026-05-15T08:54 kernel: OUT= SRC=104.28.163.99 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62192 DF P ... show more 2026-05-15T08:54 kernel: OUT= SRC=104.28.163.99 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62192 DF PROTO=TCP SPT=22276 DPT=2087 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-15T08:54 kernel: OUT= SRC=104.28.163.99 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62193 DF PROTO=TCP SPT=22276 DPT=2087 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-15T08:54 kernel: OUT= SRC=104.28.163.99 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=62194 DF PROTO=TCP SPT=22276 DPT=2087 WINDOW=65535 RES=0x00 SYN URGP= show less	Port Scan
Anonymous	2026-05-15 11:50:01 (2 weeks ago)	(cpanel) Failed cPanel login from 104.28.163.99 (SG/Singapore/-): 5 in the last 600 secs; Ports: ; ... show more (cpanel) Failed cPanel login from 104.28.163.99 (SG/Singapore/-): 5 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: [2026-05-15 05:49:31 -0600] info [cpaneld] 104.28.163.99 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: root login is not permitted to cpaneld [2026-05-15 05:49:32 -0600] info [cpaneld] 104.28.163.99 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: root login is not permitted to cpaneld [2026-05-15 05:49:45 -0600] info [whostmgrd] 104.28.163.99 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-15 05:49:53 -0600] info [whostmgrd] 104.28.163.99 - root "GET /cpsess4240924766/json-api/version HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-05-15 05:49:56 -0600] info [whostmgrd] 104.28.163.99 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect show less	Port Scan
🇷🇴 iulianh	2026-05-13 00:20:36 (3 weeks ago)	25,465,587	Brute-Force SSH
🇩🇪 paissangroup	2026-05-12 17:35:32 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇫🇷 masterguru	2026-05-12 11:59:15 (3 weeks ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (88020-196)	Hacking
🇩🇪 paissangroup	2026-05-11 06:18:17 (3 weeks ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-05-09 21:18:41 (3 weeks ago)	(wordpress) Failed wordpress login from 104.28.163.99 (SG/Singapore/-)	Brute-Force
🇩🇪 FeG Deutschland	2026-05-07 16:26:45 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 WeekendWeb	2026-05-07 08:04:19 (3 weeks ago)	Wordpress Vunerability attack	Web App Attack
🇦🇺 screwlooseit.com.au	2026-05-07 07:33:40 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack

Showing 31 to 45 of 260 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 203.161.39.197

🇵🇰 182.190.222.2

🇰🇷 20.200.223.37

🇮🇳 210.16.103.246

🇲🇰 185.193.240.246

🇺🇸 185.180.198.66

🇺🇸 150.107.38.184

🇺🇸 132.148.131.176

🇸🇬 103.250.11.63

🇺🇸 96.78.175.41

🇱🇹 81.30.98.49

🇺🇸 65.49.20.115

🇹🇿 41.93.32.48

🇧🇪 34.79.92.232

🇰🇷 218.150.184.241

🇰🇷 211.180.105.241

🇺🇸 195.184.76.230

🇺🇸 185.180.198.24

🇦🇲 176.32.193.16

🇺🇸 172.93.103.2