JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.28.239.63

104.28.239.63 was found in our database!

This IP was reported 297 times. Confidence of Abuse is 100%: ?

100%

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇰🇷 Korea (the Republic of)
City	Tongjin, Gyeonggi-do

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.28.239.63

Whois 104.28.239.63

IP Abuse Reports for 104.28.239.63:

This IP address has been reported a total of 297 times from 146 distinct sources. 104.28.239.63 was first reported on April 18th 2023, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-07 04:32:41 (1 hour ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇷🇴 Fn4ticHz	2026-06-05 17:52:53 (1 day ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇧🇷 helix	2026-06-03 06:18:29 (3 days ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇧🇷 KingHost	2026-06-03 01:21:32 (4 days ago)		Brute-Force
🇬🇧 anycast_ac	2026-05-31 13:25:35 (6 days ago)	[WebProtection] L4/L7 attack source · L4-22-GLOBAL-FLOOD · 5 hits/window	DDoS Attack
Anonymous	2026-05-31 04:30:27 (1 week ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇺🇸 bigscoots.com	2026-05-30 17:47:37 (1 week ago)	(sshd) Failed SSH login from 104.28.239.63 (CZ/Czechia/-): 5 in the last 3600 secs; Ports: ; Direct ... show more (sshd) Failed SSH login from 104.28.239.63 (CZ/Czechia/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: May 30 12:46:24 14352 sshd[12612]: Did not receive identification string from 104.28.239.63 port 36215 May 30 12:46:31 14352 sshd[12657]: Did not receive identification string from 104.28.239.63 port 36220 May 30 12:47:03 14352 sshd[12658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 12:47:05 14352 sshd[12658]: Failed password for root from 104.28.239.63 port 36333 ssh2 May 30 12:47:23 14352 sshd[13084]: Did not receive identification string from 104.28.239.63 port 60560 show less	Brute-Force SSH
🇩🇪 s@ch@	2026-05-30 16:15:01 (1 week ago)	Jail: ssh \| SSH brute-force	Brute-Force SSH
🇺🇸 KitsuneTech	2026-05-30 15:13:47 (1 week ago)	2026-05-30T10:13:39.911372-05:00 kitsunetech.com sshd-session[863579]: User root from 104.28.239.63 ... show more 2026-05-30T10:13:39.911372-05:00 kitsunetech.com sshd-session[863579]: User root from 104.28.239.63 not allowed because not listed in AllowUsers 2026-05-30T10:13:44.344036-05:00 kitsunetech.com sshd-session[863579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root 2026-05-30T10:13:46.524661-05:00 kitsunetech.com sshd-session[863579]: Failed password for invalid user root from 104.28.239.63 port 34465 ssh2 ... show less	Brute-Force SSH
🇺🇸 vandomatos	2026-05-30 14:34:57 (1 week ago)	May 30 07:34:22 servidor sshd[4176194]: Connection closed by authenticating user root 104.28.239.63 ... show more May 30 07:34:22 servidor sshd[4176194]: Connection closed by authenticating user root 104.28.239.63 port 57869 [preauth] May 30 07:34:53 servidor sshd[4176225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 07:34:55 servidor sshd[4176225]: Failed password for root from 104.28.239.63 port 33925 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-30 11:06:10 (1 week ago)	104.28.239.63 (CZ/Czechia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ... show more 104.28.239.63 (CZ/Czechia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 30 06:05:55 14411 sshd[6719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 06:05:57 14411 sshd[6719]: Failed password for root from 104.28.239.63 port 45877 ssh2 May 30 06:02:04 14411 sshd[5071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.18.100 user=root May 30 06:02:07 14411 sshd[5071]: Failed password for root from 178.128.18.100 port 43356 ssh2 May 30 06:05:30 14411 sshd[6667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.119.100 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-05-30 10:50:32 (1 week ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇧🇬 MazenHost	2026-05-30 04:07:21 (1 week ago)	May 30 07:04:20 BCRP sshd[4168444]: Failed password for root from 104.28.239.63 port 25639 ssh2 May ... show more May 30 07:04:20 BCRP sshd[4168444]: Failed password for root from 104.28.239.63 port 25639 ssh2 May 30 07:05:34 BCRP sshd[4171441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 07:05:37 BCRP sshd[4171441]: Failed password for root from 104.28.239.63 port 63787 ssh2 May 30 07:06:30 BCRP sshd[4173645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 07:06:32 BCRP sshd[4173645]: Failed password for root from 104.28.239.63 port 29068 ssh2 May 30 07:07:19 BCRP sshd[4175673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.28.239.63 user=root May 30 07:07:20 BCRP sshd[4175673]: Failed password for root from 104.28.239.63 port 35192 ssh2 ... show less	Brute-Force SSH
🇳🇱 donarev419	2026-05-30 00:28:26 (1 week ago)	Port scan detected on port 2200 (connection without data transfer)	Port Scan
🇬🇧 pufferfishenjoyer	2026-05-30 00:21:17 (1 week ago)	IP caught from endlessh logs	Brute-Force SSH

Showing 1 to 15 of 297 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.222.168.9

🇯🇵 203.25.124.147

🇨🇳 183.193.72.42

🇮🇩 140.213.187.136

🇮🇳 125.23.183.142

🇨🇳 124.220.11.234

🇺🇸 107.180.88.176

🇫🇷 80.241.223.106

🇳🇱 45.153.34.195

🇭🇰 40.83.92.30

🇺🇸 206.81.107.154

🇮🇳 182.70.182.223

🇻🇳 171.231.68.204

🇱🇹 81.30.98.44

🇺🇸 20.109.95.99

🇺🇸 20.65.195.33

🇺🇸 205.210.31.76

🇺🇸 193.3.53.6

🇫🇮 185.254.158.19

🇺🇸 172.237.156.201