JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.245.104.64

104.245.104.64 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 32%: ?

32%

ISP	DataWagon, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27176
Hostname(s)	ip-104-245-104-64.host.datawagon.net
Domain Name	datawagon.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.245.104.64

Whois 104.245.104.64

IP Abuse Reports for 104.245.104.64:

This IP address has been reported a total of 15 times from 14 distinct sources. 104.245.104.64 was first reported on July 19th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ZIME	2026-06-03 11:08:37 (2 days ago)	UFW BLOCK Report: Total attempts: 28 Top ports and details: - Port 22 (28x): SSH Brute-Force ( ... show more UFW BLOCK Report: Total attempts: 28 Top ports and details: - Port 22 (28x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 104.245.104.64 \| this report is autogenerated by ZIME Cloud show less	Brute-Force SSH
🇩🇪 ZIME	2026-06-03 10:38:31 (2 days ago)	UFW BLOCK Report: Total attempts: 66 Top ports and details: - Port 3306 (2x): MySQL Brute / Ex ... show more UFW BLOCK Report: Total attempts: 66 Top ports and details: - Port 3306 (2x): MySQL Brute / Exploit (e.g., weak root passwords, authentication bypass CVEs) - Port 22 (64x): SSH Brute-Force (e.g., CVE-2024-6387 regreSSHion, botnets like Mirai, Mozi) Source IP: 104.245.104.64 \| this report is autogenerated by ZIME Cloud show less	SQL Injection Brute-Force SSH
🇩🇪 Nick2	2026-06-03 02:09:11 (3 days ago)	2026-06-03 02:04:12 connection from 104.245.104.64 2026-06-03 02:04:47 connection from 104.245.104.6 ... show more 2026-06-03 02:04:12 connection from 104.245.104.64 2026-06-03 02:04:47 connection from 104.245.104.64 2026-06-03 02:08:44 connection from 104.245.104.64 2026-06-03 02:09:09 connection from 104.245.104.64 2026-06-03 02:09:10 connection from 104.245.104.64 ... show less	Brute-Force Port Scan SSH
🇫🇷 aki	2026-05-30 21:30:27 (6 days ago)	Drop: ...	Port Scan
🇫🇷 LegitMT	2026-05-20 07:44:05 (2 weeks ago)	Honeypot: cowrie SSH brute-force login as '?'/'?' from 104.245.104.64 at 2026-05-20T07:44:01.717689Z	Brute-Force SSH
🇺🇸 aks4226	2026-05-19 18:57:37 (2 weeks ago)	Attacking common web applications.	Web App Attack
🇱🇹 Evag Touf	2026-05-08 00:59:56 (4 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 104.245.104.64 (US/United States/-)	SQL Injection
🇨🇦 polycoda	2026-02-10 07:53:05 (3 months ago)	AutoBlock: 📡 Port Scan (Non Decay-Based)	Port Scan
🇫🇷 GabrielJST	2025-12-23 12:35:57 (5 months ago)	Port Scan detected from 104.245.104.64 (US/United States/ip-104-245-104-64.host.datawagon.net).	Port Scan
🇺🇸 morm	2025-11-03 02:15:25 (7 months ago)	Nov 2 19:15:23 fortemn pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [letm ... show more Nov 2 19:15:23 fortemn pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [letmein:)] Nov 2 19:15:23 fortemn pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [letmein:)] Nov 2 19:15:25 fortemn pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [letmein:)] ... show less	FTP Brute-Force Brute-Force
🇺🇸 masterguru	2025-10-25 05:50:09 (7 months ago)	Found User-Agent associated with security scanner. Matched phrase "nmap scripting engine" at REQUEST ... show more Found User-Agent associated with security scanner. Matched phrase "nmap scripting engine" at REQUEST_HEADERS:User-Agent. (913100-164) show less	Hacking Bad Web Bot
🇬🇧 Apache	2025-10-22 11:13:16 (7 months ago)	(mod_security) mod_security (id:210801) triggered by 104.245.104.64 (US/United States/ip-104-245-104 ... show more (mod_security) mod_security (id:210801) triggered by 104.245.104.64 (US/United States/ip-104-245-104-64.host.datawagon.net): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇫🇷 security.rdmc.fr	2025-10-20 02:04:04 (7 months ago)	Port Scan Attack proto:TCP src:42423 dst:631	Port Scan
🇺🇸 juguemosalacarioca.com	2025-10-10 20:57:04 (7 months ago)	(sshd) Failed SSH login from 104.245.104.64 (US/United States/ip-104-245-104-64.host.datawagon.net): ... show more (sshd) Failed SSH login from 104.245.104.64 (US/United States/ip-104-245-104-64.host.datawagon.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 20:56:18 ddchallenge-prod sshd[18411]: Did not receive identification string from 104.245.104.64 port 40242 Oct 10 20:56:32 ddchallenge-prod sshd[18547]: Did not receive identification string from 104.245.104.64 port 58566 Oct 10 20:56:35 ddchallenge-prod sshd[18550]: Did not receive identification string from 104.245.104.64 port 58578 Oct 10 20:56:42 ddchallenge-prod sshd[18557]: Did not receive identification string from 104.245.104.64 port 46606 Oct 10 20:56:59 ddchallenge-prod sshd[18656]: Did not receive identification string from 104.245.104.64 port 51934 show less	Port Scan
🇨🇳 ThreatBook.io	2025-07-19 22:45:00 (10 months ago)	ThreatBook Intelligence: Scanner more details on http://threatbook.io/ip/104.245.104.64	SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.76.103.111

🇮🇳 103.132.243.250

🇺🇸 102.129.223.92

🇷🇺 89.113.142.177

🇰🇷 59.14.177.115

🇺🇸 13.89.125.27

🇷🇴 2.57.121.25

🇬🇧 195.140.214.30

🇺🇸 195.26.241.81

🇬🇧 193.163.125.173

🇫🇮 147.185.133.96

🇵🇱 146.59.0.13

🇧🇷 131.255.228.91

🇰🇷 112.217.188.122

🇩🇪 69.5.169.182

🇨🇦 57.134.215.133

🇱🇹 45.227.254.170

🇸🇪 45.84.107.198

🇺🇸 44.222.128.21

🇬🇧 35.203.210.21