JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.164.41

104.28.164.41 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 32%: ?

32%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.164.41

Whois 104.28.164.41

IP Abuse Reports for 104.28.164.41:

This IP address has been reported a total of 50 times from 31 distinct sources. 104.28.164.41 was first reported on October 4th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ardexter	2026-06-04 14:54:08 (2 days ago)	Wordpress attack and DDOS	DDoS Attack Web App Attack
Anonymous	2026-06-03 06:07:12 (4 days ago)	IP banned by Fail2Ban due to multiple malicious requests on Nginx	Brute-Force SSH Web App Attack
Anonymous	2026-05-31 08:09:00 (1 week ago)	IP banned by Fail2Ban due to multiple malicious requests on Nginx	Brute-Force SSH Web App Attack
🇫🇷 dynamix	2026-05-13 22:45:36 (3 weeks ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇧🇷 posicionarte.cl	2026-05-13 22:30:26 (3 weeks ago)	WordPress failed login. User: Luis \| Entry: wp-login.php \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS ... show more WordPress failed login. User: Luis \| Entry: wp-login.php \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-10 18:47:32 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 104.28.164.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 104.28.164.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 14:47:24.750804 2026] [security2:error] [pid 18678:tid 18678] [client 104.28.164.41:61898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 104.28.164.41 (+1 hits since last alert)\|americaskitchencoach.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "americaskitchencoach.com"] [uri "/xmlrpc.php"] [unique_id "agDSvBj7aXUmFh0LqmffUQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-07 02:40:03 (1 month ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 paissangroup	2026-05-04 03:41:25 (1 month ago)	Multiple WAF Violations	Web App Attack
🇩🇪 paissangroup	2026-04-25 20:44:50 (1 month ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-04-14 04:25:25 (1 month ago)	104.28.164.41 - - [14/Apr/2026:06:12:51 +0200] "POST /wp-login.php HTTP/1.1" 200 9918 "-" "Mozilla/5 ... show more 104.28.164.41 - - [14/Apr/2026:06:12:51 +0200] "POST /wp-login.php HTTP/1.1" 200 9918 "-" "Mozilla/5.0" 104.28.164.41 - - [14/Apr/2026:06:18:05 +0200] "POST /wp-login.php HTTP/1.0" 200 7637 "-" "Mozilla/5.0" 104.28.164.41 - - [14/Apr/2026:06:18:08 +0200] "POST /wp-login.php HTTP/1.1" 200 7136 "-" "Mozilla/5.0" 104.28.164.41 - - [14/Apr/2026:06:25:22 +0200] "POST /wp-login.php HTTP/1.0" 200 10516 "-" "Mozilla/5.0" 104.28.164.41 - - [14/Apr/2026:06:25:24 +0200] "POST /wp-login.php HTTP/1.1" 200 9918 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇺🇸 Rip	2026-04-02 08:24:25 (2 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-04-02 04:15:34 (2 months ago)	[Thu Apr 02 06:15:30.941783 2026] [access_compat:error] [pid 2340858:tid 2340891] [client 104.28.164 ... show more [Thu Apr 02 06:15:30.941783 2026] [access_compat:error] [pid 2340858:tid 2340891] [client 104.28.164.41:45488] AH01797: client denied by server configuration: /var/www/buchtic.net/blog/xmlrpc.php [Thu Apr 02 06:15:32.285069 2026] [access_compat:error] [pid 2340858:tid 2340899] [client 104.28.164.41:45495] AH01797: client denied by server configuration: /var/www/buchtic.net/blog/xmlrpc.php ... show less	Web App Attack
Anonymous	2026-04-02 00:01:50 (2 months ago)	Fail2ban filtered ...	Web App Attack
🇩🇪 big-cloud.nl	2026-04-01 23:38:38 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
🇩🇪 paissangroup	2026-04-01 23:06:12 (2 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bf1:a001

🇰🇷 218.156.93.203

🇪🇹 196.188.93.169

🇧🇷 186.233.118.22

🇬🇧 185.247.137.87

🇷🇺 85.234.8.116

🇺🇸 69.88.212.27

🇵🇱 57.128.214.238

🇭🇰 45.192.204.40

🇨🇳 36.133.208.182

🇺🇸 20.163.15.217

🇩🇪 144.31.80.14

🇵🇭 136.158.60.117

🇹🇼 111.185.230.249

🇺🇸 104.152.52.101

🇺🇸 66.132.172.106

🇰🇷 58.224.62.29

🇮🇳 183.82.111.224

🇮🇩 163.7.1.156

🇺🇸 135.237.124.223