AbuseIPDB » 172.104.209.44

172.104.209.44 was found in our database!

This IP was reported 1,042 times. Confidence of Abuse is 100%: ?

100%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	172-104-209-44.ip.linodeusercontent.com
Domain Name	linode.com
Country	United States of America
City	Cedar Knolls, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 172.104.209.44

Whois 172.104.209.44

IP Abuse Reports for 172.104.209.44:

This IP address has been reported a total of 1,042 times from 345 distinct sources. 172.104.209.44 was first reported on March 18th 2022, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
blackrooty	2025-06-13 00:03:22 (14 hours ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
blackrooty	2025-06-12 00:03:19 (1 day ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
blackrooty	2025-06-11 00:03:13 (2 days ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-10 15:18:59 (2 days ago)	2025-06-10T17:15:38+02:00 exit-2 sshd[93889]: pam_unix(sshd:auth): authentication failure; logname= ... show more2025-06-10T17:15:38+02:00 exit-2 sshd[93889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.104.209.44 user=root 2025-06-10T17:15:40+02:00 exit-2 sshd[93889]: Failed password for root from 172.104.209.44 port 47669 ssh2 2025-06-10T17:18:57+02:00 exit-2 sshd[94926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.104.209.44 user=root 2025-06-10T17:18:59+02:00 exit-2 sshd[94926]: Failed password for root from 172.104.209.44 port 33272 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-06-10 05:50:41 (3 days ago)	Fail2Ban - Postfix SMTP Reject - Auth Failure	Email Spam Brute-Force
blackrooty	2025-06-10 00:03:11 (3 days ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
blackrooty	2025-06-09 00:03:05 (4 days ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-07 00:41:07 (6 days ago)	2025-06-07T00:40:36.608836 ARES sshd[4148]: Failed password for root from 172.104.209.44 port 50156 ... show more2025-06-07T00:40:36.608836 ARES sshd[4148]: Failed password for root from 172.104.209.44 port 50156 ssh2 2025-06-07T00:41:04.898388 ARES sshd[4253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172-104-209-44.ip.linodeusercontent.com user=root 2025-06-07T00:41:07.096698 ARES sshd[4253]: Failed password for root from 172.104.209.44 port 58395 ssh2 ... show less	Brute-Force SSH
blackrooty	2025-06-06 12:02:47 (1 week ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
paradoxnetworks	2025-06-05 12:09:49 (1 week ago)	2025-06-05T12:07:33.403387+00:00 edge-drt-chi02.int.pdx.net.uk sshd[877080]: Failed password for roo ... show more2025-06-05T12:07:33.403387+00:00 edge-drt-chi02.int.pdx.net.uk sshd[877080]: Failed password for root from 172.104.209.44 port 41619 ssh2 2025-06-05T12:09:46.280368+00:00 edge-drt-chi02.int.pdx.net.uk sshd[878061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.104.209.44 user=root 2025-06-05T12:09:48.631774+00:00 edge-drt-chi02.int.pdx.net.uk sshd[878061]: Failed password for root from 172.104.209.44 port 44140 ssh2 ... show less	Brute-Force SSH
blackrooty	2025-06-05 00:03:44 (1 week ago)	Automatic report: IP 172.104.209.44 detected 62 time(s). Reason: nginx ddos/crawl	DDoS Attack Brute-Force Bad Web Bot Web App Attack
F63NNKJ4	2025-06-04 20:02:28 (1 week ago)	...	Brute-Force SSH
Spamectomy_Doctor_USA	2025-06-04 05:55:22 (1 week ago)	email spam phishing spoofing	Hacking
digitallodge.cloud	2025-06-03 20:00:39 (1 week ago)	Open proxy and SSH brute force activity detected from VPS logs	Open Proxy Brute-Force
digitallodge.cloud	2025-06-03 19:47:31 (1 week ago)	Open proxy and SSH brute force activity detected from VPS logs	Open Proxy Brute-Force

Showing 1 to 15 of 1042 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

8.222.163.108

35.203.210.234

196.242.89.48

157.66.54.162

65.20.193.144

103.208.105.228

45.66.209.17

167.94.145.29

35.240.174.82

160.30.50.24

103.146.33.16

49.119.102.78

194.165.16.162

103.172.205.172

77.222.152.251

105.116.12.35

196.251.84.225

58.57.46.178

115.65.168.61

112.193.195.176