JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.237.138.96

104.237.138.96 was found in our database!

This IP was reported 454 times. Confidence of Abuse is 100%: ?

100%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	104-237-138-96.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇺🇸 United States of America
City	Richardson, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.237.138.96

Whois 104.237.138.96

IP Abuse Reports for 104.237.138.96:

This IP address has been reported a total of 454 times from 124 distinct sources. 104.237.138.96 was first reported on October 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-05-27 06:00:00 (1 week ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇫🇷 Fasetech	2026-05-27 00:44:36 (1 week ago)	SecLedge detected suspicious activity. Score: 99.0. Sensor: T-Pot.	Brute-Force
🇫🇷 Fasetech	2026-05-20 16:16:16 (2 weeks ago)	SecLedge detected suspicious activity. Score: 99.0. Sensor: T-Pot.	Brute-Force
🇬🇧 AdrianT	2026-05-19 15:36:13 (2 weeks ago)	SMTP port scanning	Port Scan
🇧🇷 ICS Labs	2026-05-18 21:02:15 (2 weeks ago)	ICS Labs identified 104.237.138.96 as a malicious indicator from threat intelligence.	Hacking
🇫🇷 security.rdmc.fr	2026-05-15 09:39:37 (3 weeks ago)	Port Scan Attack proto:TCP src:55395 dst:990	Port Scan
🇺🇸 MPL	2026-05-15 07:35:56 (3 weeks ago)	tcp/2050 (2 or more attempts)	Port Scan
🇩🇪 zupan	2026-05-15 07:23:33 (3 weeks ago)	Blocked by UFW on vps [901/tcp] \| SPT: 48559 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [901/tcp] \| SPT: 48559 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-05-15 06:14:20 (3 weeks ago)	tcp/789 (2 or more attempts)	Port Scan
🇺🇸 withfallback.com	2026-05-15 05:55:02 (3 weeks ago)	sends \r\n\r\n and waits; probably looking for telnet	Port Scan
🇺🇸 MPL	2026-05-15 04:30:32 (3 weeks ago)	tcp/631	Port Scan
🇳🇱 VMHeaven.io	2026-05-15 03:10:38 (3 weeks ago)	Blocked by UFW [623/tcp] Source port: 54047 TTL: 236 Packet length: 44	Port Scan
🇧🇷 diego	2026-05-15 03:06:04 (3 weeks ago)	[rede-168-134] 05/15/2026-00:06:03.969851, 104.237.138.96, Protocol: 6, ET CINS Active Threat Intell ... show more [rede-168-134] 05/15/2026-00:06:03.969851, 104.237.138.96, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 160 show less	Hacking
🇺🇸 Cyber Crusader	2026-05-15 01:46:27 (3 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 andypiper	2026-05-15 01:00:46 (3 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack

Showing 1 to 15 of 454 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 146.70.194.236

🇷🇺 91.194.213.187

🇱🇹 45.227.254.170

🇺🇸 45.79.149.61

🇺🇸 2620:171:fd:f0::235

🇭🇰 150.5.169.176

🇺🇸 128.203.203.233

🇨🇳 118.212.120.98

🇲🇲 103.59.163.134

🇺🇸 20.65.193.191

🇺🇿 213.230.127.104

🇳🇱 176.65.139.130

🇽🇰 91.187.112.47

🇳🇱 45.148.10.141

🇨🇴 45.65.233.18

🇺🇸 195.184.76.120

🇺🇸 162.240.228.207

🇺🇸 157.254.223.135

🇧🇷 152.241.27.68

🇮🇪 128.251.36.118