JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.104.161.144

172.104.161.144 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 69%: ?

69%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	172-104-161-144.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.104.161.144

Whois 172.104.161.144

IP Abuse Reports for 172.104.161.144:

This IP address has been reported a total of 40 times from 25 distinct sources. 172.104.161.144 was first reported on April 8th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇵 radheykrishna.com.np	2026-06-06 01:52:22 (1 week ago)	Jun 6 07:37:20 kernel: [4200551.715144] [UFW BLOCK] IN=ens160 OUT= SRC=172.104.161.144 LEN=53 TOS=0 ... show more Jun 6 07:37:20 kernel: [4200551.715144] [UFW BLOCK] IN=ens160 OUT= SRC=172.104.161.144 LEN=53 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=UDP SPT=55668 DPT=27017 LEN=33 ... show less	Port Scan
🇨🇦 DRI	2026-06-06 00:39:12 (1 week ago)	Unsolicited UDP traffic on Honeypot, srcport=51788 dstport=27017	Port Scan Hacking
🇩🇪 ValtonTahiri	2026-06-05 18:23:40 (1 week ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=172.104.161.144; proto=UDP; source_port=44610; target_port=27017 show less	Port Scan
🇸🇪 NordhTech	2026-06-05 17:15:12 (1 week ago)	More than 3 malicious connection attempts, trying port(s) 27017/tcp, then blocked from services ...	Port Scan Hacking
🇮🇳 Mr.Singh	2026-06-05 15:30:13 (1 week ago)	NFT blocked 172.104.161.144 on 05-Jun-2026..	Port Scan Brute-Force
🇺🇸 [email protected]	2026-06-05 15:27:27 (1 week ago)	Ports: 27017. Proto: UDP. Observations: 1	Port Scan
Anonymous	2026-06-05 13:42:06 (1 week ago)	unsolicited UDP packet to port 27017 (33 bytes)	Hacking
🇺🇸 anon333	2026-06-05 13:33:29 (1 week ago)	Hacker syslog review 1780666409	Hacking
🇳🇱 BIV	2026-06-05 11:58:34 (1 week ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:Suricata. Ports: 27017. Automated tiered (T-Pot+ ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:Suricata. Ports: 27017. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇩🇪 Admins@FBN	2026-06-05 11:10:17 (1 week ago)	FW-PortScan: Traffic Blocked srcport=43965 dstport=27017	Port Scan
🇩🇪 iNetWorker	2026-06-05 10:30:41 (1 week ago)	firewall-block, port(s): 27017/udp	Port Scan
🇫🇷 Petre 21_ip	2026-06-05 10:15:15 (1 week ago)	2026-06-05T12:15:14.082808+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-05T12:15:14.082808+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=172.104.161.144 DST=155.133.26.57 LEN=53 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=40050 DPT=27017 LEN=33 ... show less	Port Scan
🇺🇸 Cyber Crusader	2026-06-05 02:39:18 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 mind5t0rm	2026-05-10 19:54:20 (1 month ago)	(WPLOGIN) WP Login Attack 172.104.161.144 (SG/Singapore/172-104-161-144.ip.linodeusercontent.com): 3 ... show more (WPLOGIN) WP Login Attack 172.104.161.144 (SG/Singapore/172-104-161-144.ip.linodeusercontent.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 172.104.161.144 - - [11/May/2026:02:54:11 +0700] "GET /wp-login.php HTTP/2.0" 200 3113 "-" "Mozila/5.0" 172.104.161.144 - - [11/May/2026:02:54:14 +0700] "POST /wp-login.php HTTP/2.0" 200 3270 "-" "Mozila/5.0" 172.104.161.144 - - [11/May/2026:02:54:16 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fzerowaterthailand.com%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 3119 "-" "Mozila/5.0" show less	Port Scan
🇺🇸 mind5t0rm	2026-05-10 16:46:15 (1 month ago)	(WPLOGIN) WP Login Attack 172.104.161.144 (SG/Singapore/172-104-161-144.ip.linodeusercontent.com): 3 ... show more (WPLOGIN) WP Login Attack 172.104.161.144 (SG/Singapore/172-104-161-144.ip.linodeusercontent.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 172.104.161.144 - - [10/May/2026:23:46:08 +0700] "GET /wp-login.php HTTP/2.0" 200 3113 "-" "Mozila/5.0" 172.104.161.144 - - [10/May/2026:23:46:11 +0700] "POST /wp-login.php HTTP/2.0" 200 3270 "-" "Mozila/5.0" 172.104.161.144 - - [10/May/2026:23:46:14 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fzerowaterthailand.com%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 3119 "-" "Mozila/5.0" show less	Port Scan

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2a00:1450:4013:c1e::126

🇺🇸 216.180.246.178

🇨🇳 175.12.108.55

🇺🇸 162.216.150.252

🇻🇳 123.24.137.246

🇨🇳 116.171.13.210

🇺🇸 45.156.129.113

🇳🇱 45.148.10.147

🇳🇱 31.220.45.74

🇺🇸 216.25.89.116

🇩🇪 178.105.62.42

🇷🇴 94.156.152.234

🇱🇹 81.30.98.144

🇪🇸 45.132.34.71

🇺🇸 20.169.107.122

🇺🇸 216.25.89.107

🇹🇼 198.235.24.91

🇰🇷 121.161.242.168

🇧🇬 91.191.209.98

🇳🇱 78.142.18.172