JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.158.209

104.28.158.209 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 33%: ?

33%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇫🇷 France
City	Aulnay-sous-Bois, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.158.209

Whois 104.28.158.209

IP Abuse Reports for 104.28.158.209:

This IP address has been reported a total of 68 times from 41 distinct sources. 104.28.158.209 was first reported on April 28th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 bogdanv	2026-05-27 14:05:31 (1 week ago)	$f2bV_matches	Brute-Force SSH
🇷🇴 gtheo99	2026-05-23 19:57:48 (2 weeks ago)	104.28.158.209 (CA/Canada/-), 3 distributed smtpauth attacks on account [andrei.gheorghe@scoalapoian ... show more 104.28.158.209 (CA/Canada/-), 3 distributed smtpauth attacks on account [[email protected]] in the last 900 secs show less	SSH Brute-Force Hacking
🇳🇱 EGP Abuse Dept	2026-05-15 07:27:35 (3 weeks ago)	Unsolicited connection to port 465	Port Scan Hacking
🇨🇭 backslash	2026-05-08 06:36:03 (4 weeks ago)		Web Spam
🇷🇴 iulianh	2026-05-04 06:48:33 (1 month ago)	25,465,587	Brute-Force SSH
🇮🇩 xveil	2026-04-28 05:57:22 (1 month ago)	2026-04-28T12:57:20.612875 mail-honeypot postfix/submission/smtpd[12160]: warning: unknown[104.28.15 ... show more 2026-04-28T12:57:20.612875 mail-honeypot postfix/submission/smtpd[12160]: warning: unknown[104.28.158.209]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
Anonymous	2026-04-28 04:30:11 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇬🇧 killian7603	2026-04-22 18:45:27 (1 month ago)	Logon Policy Violation	Email Spam Spoofing Brute-Force
🇺🇸 aks4226	2026-04-11 17:42:51 (1 month ago)	Brute force on SSH.	SSH Brute-Force
Anonymous	2026-04-08 18:26:45 (1 month ago)	104.28.158.209 - - [08/Apr/2026:20:26:22 +0200] "GET /mysql/ HTTP/1.1" 404 15551 "http://eosphoros.f ... show more 104.28.158.209 - - [08/Apr/2026:20:26:22 +0200] "GET /mysql/ HTTP/1.1" 404 15551 "http://eosphoros.fr/mysql/" "Mozilla/5.0 (iPhone; CPU iPhone OS 26_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/145.0.7632.55 Mobile/15E148 Safari/604.1" ... show less	Web App Attack
🇩🇪 bogdanv	2026-03-29 13:58:55 (2 months ago)	$f2bV_matches	Brute-Force SSH
🇺🇸 helix	2026-03-19 08:58:46 (2 months ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
Anonymous	2026-03-13 00:25:59 (2 months ago)	2026-03-13T02:25:58.990059+02:00 soli-gate postfix/submission/smtpd[3477496]: warning: unknown[104.2 ... show more 2026-03-13T02:25:58.990059+02:00 soli-gate postfix/submission/smtpd[3477496]: warning: unknown[104.28.158.209]: SASL LOGIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇺🇸 bigscoots.com	2026-03-02 18:24:57 (3 months ago)	(sshd) Failed SSH login from 104.28.158.209 (FR/France/-): 5 in the last 3600 secs; Ports: ; Direct ... show more (sshd) Failed SSH login from 104.28.158.209 (FR/France/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Mar 2 12:24:08 14725 sshd[3054]: Did not receive identification string from 104.28.158.209 port 59225 Mar 2 12:24:21 14725 sshd[3057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.158.209 user=root Mar 2 12:24:23 14725 sshd[3057]: Failed password for root from 104.28.158.209 port 59714 ssh2 Mar 2 12:24:41 14725 sshd[3064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.158.209 user=root Mar 2 12:24:43 14725 sshd[3064]: Failed password for root from 104.28.158.209 port 59463 ssh2 show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-03-02 14:39:09 (3 months ago)	(sshd) Failed SSH login from 104.28.158.209 (FR/France/-): 5 in the last 3600 secs; Ports: ; Direct ... show more (sshd) Failed SSH login from 104.28.158.209 (FR/France/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Mar 2 08:38:28 13258 sshd[3884]: Did not receive identification string from 104.28.158.209 port 59845 Mar 2 08:38:37 13258 sshd[3886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.158.209 user=root Mar 2 08:38:39 13258 sshd[3886]: Failed password for root from 104.28.158.209 port 59847 ssh2 Mar 2 08:38:50 13258 sshd[3889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.158.209 user=root Mar 2 08:38:53 13258 sshd[3889]: Failed password for root from 104.28.158.209 port 58535 ssh2 show less	Brute-Force SSH

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 196.196.150.6

🇺🇸 172.234.218.210

🇩🇪 95.85.238.22

🇳🇱 20.224.168.82

🇵🇱 194.180.48.148

🇯🇵 156.227.235.173

🇳🇬 102.140.97.134

🇳🇱 45.156.87.254

🇳🇱 45.148.10.157

🇺🇸 3.142.170.60

🇬🇧 2a06:4880:8000::b1

🇰🇷 220.127.148.6

🇰🇷 210.90.155.178

🇸🇬 188.166.225.40

🇸🇬 101.47.15.26

🇺🇸 66.132.195.54

🇨🇭 209.99.184.143

🇬🇧 195.140.214.22

🇬🇧 194.11.155.211

🇺🇦 185.237.106.211