JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.213.40

104.28.213.40 was found in our database!

This IP was reported 1,345 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.213.40

Whois 104.28.213.40

IP Abuse Reports for 104.28.213.40:

This IP address has been reported a total of 1,345 times from 527 distinct sources. 104.28.213.40 was first reported on February 21st 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 Server	2025-11-15 02:08:10 (6 months ago)	Invalid 5 SSH connections in span of 15 minutes (honeypot)	Brute-Force SSH
🇰🇷 Woodie	2025-11-15 01:09:37 (6 months ago)	2025-11-15T10:06:45.432404+09:00 debian sshd[881446]: pam_unix(sshd:auth): authentication failure; l ... show more 2025-11-15T10:06:45.432404+09:00 debian sshd[881446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 2025-11-15T10:06:47.493082+09:00 debian sshd[881446]: Failed password for invalid user x from 104.28.213.40 port 49669 ssh2 2025-11-15T10:09:36.576422+09:00 debian sshd[882866]: Invalid user wordpress from 104.28.213.40 port 15069 ... show less	Brute-Force SSH
🇬🇧 [email protected]	2025-11-15 00:33:44 (6 months ago)	...	Brute-Force SSH
🇰🇷 Woodie	2025-11-15 00:28:34 (6 months ago)	2025-11-15T09:28:31.505528+09:00 debian sshd[857783]: Invalid user aaa from 104.28.213.40 port 45879 ... show more 2025-11-15T09:28:31.505528+09:00 debian sshd[857783]: Invalid user aaa from 104.28.213.40 port 45879 2025-11-15T09:28:31.506578+09:00 debian sshd[857783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 2025-11-15T09:28:33.306385+09:00 debian sshd[857783]: Failed password for invalid user aaa from 104.28.213.40 port 45879 ssh2 ... show less	Brute-Force SSH
🇨🇦 hpg	2025-11-15 00:04:02 (6 months ago)	Nov 15 13:04:01 sea sshd-session[362026]: Invalid user njs from 104.28.213.40 port 43767	Brute-Force SSH
🇺🇸 bigscoots.com	2025-11-14 23:45:26 (6 months ago)	(sshd) Failed SSH login from 104.28.213.40 (US/United States/-): 5 in the last 3600 secs; Ports: ; ... show more (sshd) Failed SSH login from 104.28.213.40 (US/United States/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Nov 14 17:36:30 13646 sshd[20233]: Invalid user alice from 104.28.213.40 port 53214 Nov 14 17:36:32 13646 sshd[20233]: Failed password for invalid user alice from 104.28.213.40 port 53214 ssh2 Nov 14 17:41:07 13646 sshd[20666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 17:41:10 13646 sshd[20666]: Failed password for root from 104.28.213.40 port 14205 ssh2 Nov 14 17:45:13 13646 sshd[21027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root show less	Brute-Force SSH
🇳🇱 Redeco Hosting	2025-11-14 23:00:23 (6 months ago)	Failed login attempt detected by Fail2Ban in ssh jail	Brute-Force
🇩🇪 focusnic.com	2025-11-14 21:59:27 (6 months ago)	(sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Directio ... show more (sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: Nov 14 21:49:32 server-95-179-243-207 sshd[1382827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 21:49:34 server-95-179-243-207 sshd[1382827]: Failed password for root from 104.28.213.40 port 17841 ssh2 Nov 14 21:58:04 server-95-179-243-207 sshd[1383703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 21:58:06 server-95-179-243-207 sshd[1383703]: Failed password for root from 104.28.213.40 port 51724 ssh2 Nov 14 21:59:23 server-95-179-243-207 sshd[1383837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root show less	Port Scan
🇺🇸 bigscoots.com	2025-11-14 21:57:22 (6 months ago)	(sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Directio ... show more (sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Nov 14 15:51:32 19079 sshd[32756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 15:51:34 19079 sshd[32756]: Failed password for root from 104.28.213.40 port 51783 ssh2 Nov 14 15:56:03 19079 sshd[695]: Invalid user h from 104.28.213.40 port 54747 Nov 14 15:56:05 19079 sshd[695]: Failed password for invalid user h from 104.28.213.40 port 54747 ssh2 Nov 14 15:57:16 19079 sshd[786]: Invalid user ak from 104.28.213.40 port 56375 show less	Brute-Force SSH
🇩🇪 formality	2025-11-14 21:55:52 (6 months ago)	Invalid user h from 104.28.213.40 port 24265	Brute-Force SSH
🇩🇪 sh97	2025-11-14 21:41:53 (6 months ago)	DE02-HBRR-STOR: SSH Brute Force from 104.28.213.40 at 2025-11-15 03:11:37 IST	Brute-Force SSH
🇺🇸 bigscoots.com	2025-11-14 21:18:41 (6 months ago)	(sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Directio ... show more (sshd) Failed SSH login from 104.28.213.40 (EG/Egypt/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Nov 14 15:01:06 15863 sshd[21601]: Invalid user user from 104.28.213.40 port 46737 Nov 14 15:01:08 15863 sshd[21601]: Failed password for invalid user user from 104.28.213.40 port 46737 ssh2 Nov 14 15:15:28 15863 sshd[22697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 15:15:30 15863 sshd[22697]: Failed password for root from 104.28.213.40 port 44115 ssh2 Nov 14 15:18:23 15863 sshd[22904]: Invalid user jane from 104.28.213.40 port 23991 show less	Brute-Force SSH
🇺🇸 yandx.top	2025-11-14 21:05:54 (6 months ago)	2025-11-15T05:05:51.396509+08:00 us21.cdn.420422709.xyz sshd-session[119002]: Invalid user john from ... show more 2025-11-15T05:05:51.396509+08:00 us21.cdn.420422709.xyz sshd-session[119002]: Invalid user john from 104.28.213.40 port 17007 2025-11-15T05:05:51.402356+08:00 us21.cdn.420422709.xyz sshd-session[119002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 2025-11-15T05:05:53.720639+08:00 us21.cdn.420422709.xyz sshd-session[119002]: Failed password for invalid user john from 104.28.213.40 port 17007 ssh2 ... show less	Brute-Force SSH
🇪🇸 tutaim.com	2025-11-14 20:24:31 (6 months ago)	👿 104.28.213.40 has been involved in malicious and brute-force activity. Reported by umarmohammad.xy ... show more 👿 104.28.213.40 has been involved in malicious and brute-force activity. Reported by umarmohammad.xyz show less	Brute-Force SSH
🇺🇸 bigscoots.com	2025-11-14 20:16:39 (6 months ago)	104.28.213.40 (EG/Egypt/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 104.28.213.40 (EG/Egypt/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Nov 14 14:15:46 15930 sshd[5616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.213.40 user=root Nov 14 14:15:47 15930 sshd[5616]: Failed password for root from 104.28.213.40 port 42970 ssh2 Nov 14 14:12:10 15930 sshd[5383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.47.120.88 user=root Nov 14 14:12:11 15930 sshd[5383]: Failed password for root from 151.47.120.88 port 32816 ssh2 Nov 14 14:16:22 15930 sshd[5685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.57.115.15 user=root IP Addresses Blocked: show less	Brute-Force SSH

Showing 151 to 165 of 1345 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 213.32.23.140

🇧🇪 198.235.24.177

🇧🇷 187.0.238.206

🇮🇩 182.10.100.138

🇸🇦 178.73.79.84

🇰🇷 116.123.150.231

🇺🇸 98.245.24.105

🇷🇴 92.118.39.236

🇺🇸 76.81.71.226

🇺🇸 69.171.234.31

🇺🇸 216.180.246.7

🇻🇪 206.0.176.249

🇧🇷 200.170.220.6

🇭🇺 194.180.12.23

🇻🇳 171.244.141.86

🇭🇳 170.83.118.204

🇺🇸 170.9.16.186

🇺🇸 162.216.150.237

🇭🇰 152.32.133.103

🇨🇳 113.108.13.168