AbuseIPDB » 104.28.201.75

Check an IP Address, Domain Name, or Subnet

e.g. 3.238.250.73, microsoft.com, or 5.188.10.0/24

104.28.201.75 was found in our database!

This IP was reported 489 times. Confidence of Abuse is 0%: ?

ISP	CloudFlare Inc.
Usage Type	Content Delivery Network
Domain Name	cloudflare.com
Country	United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Important Note: 104.28.201.75 is an IP address from within our whitelist. Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

According to our records, this IP belongs to the subnet 104.16.0.0/12, identified as: "Cloudflare Reverse Proxy"

Report 104.28.201.75

Whois 104.28.201.75

IP Abuse Reports for 104.28.201.75:

This IP address has been reported a total of 489 times from 187 distinct sources. 104.28.201.75 was first reported on November 1st 2022, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
ipcop.net	14 hours ago	Feb 15 07:52:28 gw01.dial-in-auth.srvfarm.net sshd[1034333]: Disconnected from invalid user pongsiri ... show moreFeb 15 07:52:28 gw01.dial-in-auth.srvfarm.net sshd[1034333]: Disconnected from invalid user pongsiri 104.28.201.75 port 47831 [preauth] Feb 15 07:59:58 gw01.dial-in-auth.srvfarm.net sshd[1035262]: Invalid user lw from 104.28.201.75 port 24648 Feb 15 07:59:58 gw01.dial-in-auth.srvfarm.net sshd[1035262]: Disconnected from invalid user lw 104.28.201.75 port 24648 [preauth] Feb 15 08:05:49 gw01.dial-in-auth.srvfarm.net sshd[1036002]: Invalid user oracle from 104.28.201.75 port 13263 Feb 15 08:05:49 gw01.dial-in-auth.srvfarm.net sshd[1036002]: Disconnected from invalid user oracle 104.28.201.75 port 13263 [preauth] show less	Brute-Force
ipcop.net	14 hours ago	Feb 15 07:52:28 gw01.dial-in-auth.srvfarm.net sshd[1034333]: Disconnected from invalid user pongsiri ... show moreFeb 15 07:52:28 gw01.dial-in-auth.srvfarm.net sshd[1034333]: Disconnected from invalid user pongsiri 104.28.201.75 port 47831 [preauth] Feb 15 07:59:58 gw01.dial-in-auth.srvfarm.net sshd[1035262]: Invalid user lw from 104.28.201.75 port 24648 Feb 15 07:59:58 gw01.dial-in-auth.srvfarm.net sshd[1035262]: Disconnected from invalid user lw 104.28.201.75 port 24648 [preauth] Feb 15 08:05:49 gw01.dial-in-auth.srvfarm.net sshd[1036002]: Invalid user oracle from 104.28.201.75 port 13263 Feb 15 08:05:49 gw01.dial-in-auth.srvfarm.net sshd[1036002]: Disconnected from invalid user oracle 104.28.201.75 port 13263 [preauth] show less	Brute-Force
psauxit	23 Mar 2023	Fail2Ban - SSHD brute-force SSH server	SSH
Parth Maniar	01 Mar 2023	SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect ... show moreSSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
Justin Catello	21 Feb 2023	104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 se ... show more104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Feb 21 08:50:00 16143 sshd[11857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.233.74 user=root Feb 21 08:45:40 16143 sshd[11609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 08:45:42 16143 sshd[11609]: Failed password for root from 104.28.201.75 port 38201 ssh2 Feb 21 08:48:17 16143 sshd[11781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.233.75 user=root Feb 21 08:48:18 16143 sshd[11781]: Failed password for root from 104.28.233.75 port 52479 ssh2 IP Addresses Blocked: 104.28.233.74 (US/United States/-) show less	Brute-Force SSH
NightWatch	21 Feb 2023	SSH brute force attempt (mtx)	Brute-Force SSH
Justin Catello	21 Feb 2023	104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 se ... show more104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Feb 21 07:33:47 16175 sshd[21060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 07:24:55 16175 sshd[20466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.29.50.73 user=root Feb 21 07:24:57 16175 sshd[20466]: Failed password for root from 104.29.50.73 port 50778 ssh2 Feb 21 07:33:48 16175 sshd[21060]: Failed password for root from 104.28.201.75 port 44520 ssh2 Feb 21 07:26:42 16175 sshd[20597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.29.50.73 user=root IP Addresses Blocked: show less	Brute-Force SSH
Dario B.	21 Feb 2023	DATE:2023-02-21 14:25:38, IP:104.28.201.75, PORT:ssh SSH brute force auth on honeypot server (epe-ho ... show moreDATE:2023-02-21 14:25:38, IP:104.28.201.75, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq) show less	Brute-Force SSH
Anonymous	21 Feb 2023	Failed ssh connection attempt; Failed ssh connection attempt; Failed ssh connection attempt;	Brute-Force SSH
CRC in AU	21 Feb 2023	2023-02-21T21:02:17.993508+11:00 sshd[886257]: pam_unix(sshd:auth): authentication failure; logname ... show more2023-02-21T21:02:17.993508+11:00 sshd[886257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 2023-02-21T21:02:19.786471+11:00 sshd[886257]: Failed password for invalid user db2fenc2 from 104.28.201.75 port 10145 ssh2 ... show less	Brute-Force SSH
Justin Catello	21 Feb 2023	104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 se ... show more104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Feb 21 03:10:14 13908 sshd[29333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 03:05:18 13908 sshd[28955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 03:05:21 13908 sshd[28955]: Failed password for root from 104.28.201.75 port 11004 ssh2 Feb 21 03:07:26 13908 sshd[29081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.37.103.36 user=root Feb 21 03:07:28 13908 sshd[29081]: Failed password for root from 200.37.103.36 port 60729 ssh2 IP Addresses Blocked: show less	Brute-Force SSH
sglorch.de	21 Feb 2023	Feb 21 08:53:31 fogg sshd[3809317]: Failed password for root from 104.28.201.75 port 18196 ssh2<br / ... show moreFeb 21 08:53:31 fogg sshd[3809317]: Failed password for root from 104.28.201.75 port 18196 ssh2 Feb 21 08:55:21 fogg sshd[3812529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 08:55:23 fogg sshd[3812529]: Failed password for root from 104.28.201.75 port 54249 ssh2 ... show less	Brute-Force SSH
Justin Catello	21 Feb 2023	104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 se ... show more104.28.201.75 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Feb 21 00:48:04 16717 sshd[9435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.233.75 user=root Feb 21 00:42:34 16717 sshd[9169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.233.75 user=root Feb 21 00:42:36 16717 sshd[9169]: Failed password for root from 104.28.233.75 port 47785 ssh2 Feb 21 00:46:15 16717 sshd[9346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 user=root Feb 21 00:46:17 16717 sshd[9346]: Failed password for root from 104.28.201.75 port 14931 ssh2 IP Addresses Blocked: 104.28.233.75 (US/United States/-) show less	Brute-Force SSH
Maya Bsir	21 Feb 2023	Feb 21 05:37:02 localhost sshd[385946]: Failed password for root from 104.28.201.75 port 50900 ssh2< ... show moreFeb 21 05:37:02 localhost sshd[385946]: Failed password for root from 104.28.201.75 port 50900 ssh2 Feb 21 05:52:55 localhost sshd[386057]: Invalid user wordpress from 104.28.201.75 port 19189 Feb 21 05:52:55 localhost sshd[386057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.201.75 Feb 21 05:52:57 localhost sshd[386057]: Failed password for invalid user wordpress from 104.28.201.75 port 19189 ssh2 Feb 21 05:58:34 localhost sshd[386196]: Invalid user ftpuser from 104.28.201.75 port 55413 ... show less	Brute-Force SSH
Odyssey346	21 Feb 2023	SSH brute force attempt (on Roubaix)	Brute-Force SSH