AbuseIPDB » 104.28.152.243
104.28.152.243 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 14% : ?
ISP
Cloudflare, Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS13335
Domain Name
cloudflare.com
Country
๐บ๐ธ
United States of America
City
Bennett, Colorado
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 104.28.152.243 :
This IP address has been reported a total of
8
times from
6 distinct
sources.
104.28.152.243 was first reported on
January 5th 2024 , and the most recent report was
1 day ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ง๐ฌ
sanitariu
2026-06-28 23:33:02
(1 day ago)
Jun 29 02:33:01 dri postfix/smtpd[708016]: warning: unknown[104.28.152.243]: SASL PLAIN authenticati ...
show more
Jun 29 02:33:01 dri postfix/smtpd[708016]: warning: unknown[104.28.152.243]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=nasko
...
show less
Brute-Force
๐ฎ๐น
VHosting
2026-06-16 00:57:13
(2 weeks ago)
Detected mail brute force attack from 4 different servers
Brute-Force
๐จ๐ญ
Origon
2026-04-29 02:24:53
(2 months ago)
postfix-non-smtp-command - IP: 104.28.152.243 - time="2026-04-29T04:24:52+02:00" level=info msg="(5 ...
show more
postfix-non-smtp-command - IP: 104.28.152.243 - time="2026-04-29T04:24:52+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/postfix-non-smtp-command by ip 104.28.152.243 (US/13335) : 4h ban on Ip 104.28.152.243" module=db
show less
Email Spam
๐ณ๐ฑ
Study Bitcoin ๐ค
2024-11-11 15:22:45
(1 year ago)
Port probe to tcp/8 (unassigned)
[srv127]
Port Scan
๐ณ๐ฑ
Study Bitcoin ๐ค
2024-11-11 15:18:20
(1 year ago)
Port probe to tcp/8 (unassigned)
[srv127]
Port Scan
๐บ๐ธ
TPI-Abuse
2024-03-01 23:29:54
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 104.28.152.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.152.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 01 18:29:46.386353 2024] [security2:error] [pid 25501] [client 104.28.152.243:47465] [client 104.28.152.243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terryhildebrandprints.com"] [uri "/.git/config"] [unique_id "ZeJk6hDJQKpcbZULqk2LDAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-24 19:25:06
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 104.28.152.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.152.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 14:25:02.023796 2024] [security2:error] [pid 29696] [client 104.28.152.243:26813] [client 104.28.152.243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2daves4woodway.com"] [uri "/.git/config"] [unique_id "ZdpCjj-9S04AHkYpLF35cgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2024-01-05 07:34:09
(2 years ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: