JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.104.56.177

39.104.56.177 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.104.56.177

Whois 39.104.56.177

IP Abuse Reports for 39.104.56.177:

This IP address has been reported a total of 29 times from 25 distinct sources. 39.104.56.177 was first reported on May 28th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Da_tschek	2026-06-19 18:57:57 (5 days ago)	Port scanning	Port Scan Hacking
🇺🇸 micropedro	2026-06-19 14:30:31 (6 days ago)	5 incidents: port scanning. First: 2026-06-19 09:24, Last: 2026-06-19 10:30 UTC. Triggers: non-publi ... show more 5 incidents: port scanning. First: 2026-06-19 09:24, Last: 2026-06-19 10:30 UTC. Triggers: non-public-port,port-trap,firewall-tcp,ufw-repeater,recidive. show less	Port Scan Brute-Force
🇩🇪 iNetWorker	2026-06-19 13:28:27 (6 days ago)	trying to access non-authorized port	Port Scan
🇫🇮 iamxorum	2026-06-19 13:23:59 (6 days ago)	2026-06-19T13:23:58.279226+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-06-19T13:23:58.279226+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=39.104.56.177 DST=46.62.222.43 LEN=40 TOS=0x00 PREC=0xA0 TTL=238 ID=5642 PROTO=TCP SPT=47175 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 sbajic	2026-06-19 13:04:44 (6 days ago)	...	Brute-Force
🇩🇪 zupan	2026-06-19 12:54:41 (6 days ago)	Blocked by UFW on vps [3389/tcp] \| SPT: 47175 \| TTL: 237 \| LEN: 40 \| TOS: 0x00 • Reported by: github ... show more Blocked by UFW on vps [3389/tcp] \| SPT: 47175 \| TTL: 237 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-19 12:53:24 (6 days ago)	Port Scan	Port Scan
Anonymous	2026-06-19 12:38:23 (6 days ago)	Unauthorized connection to RDP port 3389	Port Scan
🇩🇪 Fahreddin Ergin	2026-06-19 12:32:46 (6 days ago)	Detected by CrowdSec / Wazuh on Echoserver Hetzner cluster (automated brute-force ban)	Brute-Force SSH Port Scan
🇩🇪 centurion	2026-06-19 12:21:01 (6 days ago)	Blocked by UFW on ns02 [3389/tcp] Source port: 47175 TTL: 239 Packet length: 40 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [3389/tcp] Source port: 47175 TTL: 239 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇫🇷 sthoyer.de	2026-06-19 12:06:52 (6 days ago)	Jun 19 14:06:51 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 19 14:06:51 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=39.104.56.177 DST=173.212.223.67 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=10188 PROTO=TCP SPT=47175 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 IP Analyzer	2026-06-19 12:00:25 (6 days ago)	Unauthorized connection attempt from IP address 39.104.56.177 on Port 3389(RDP)	Port Scan
🇫🇷 Petre 21_ip	2026-06-19 11:59:39 (6 days ago)	2026-06-19T13:59:38.453673+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-19T13:59:38.453673+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=39.104.56.177 DST=155.133.26.57 LEN=40 TOS=0x00 PREC=0x00 TTL=233 ID=7187 PROTO=TCP SPT=47175 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 Tamsweb	2026-06-19 11:56:05 (6 days ago)	Unauthorized connection attempt or scan from 39.104.56.177 on port 3389 ...	Port Scan
🇳🇱 ByeByte API	2026-06-19 11:52:38 (6 days ago)	byebyte.space auth: TCP packet to port 3389 (RDP) at 2026-06-19T11:52:38Z. Source port 47175. TCP fl ... show more byebyte.space auth: TCP packet to port 3389 (RDP) at 2026-06-19T11:52:38Z. Source port 47175. TCP flags: SYN. Packet: 40B, TTL 234, window 1024, IP id 64257. Single packet, dropped at firewall. p0f: 21 hops. show less	Port Scan

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.105.129.57

🇭🇰 199.45.154.137

🇪🇬 197.35.90.102

192.168.198.10

🇬🇧 188.240.59.22

🇺🇸 184.105.247.251

🇸🇬 172.70.93.95

🇳🇱 169.150.196.12

🇵🇪 149.34.48.186

🇨🇦 85.217.149.9

🇹🇷 78.190.146.8

🇫🇷 51.103.46.9

🇩🇪 51.89.45.116

🇫🇷 51.68.236.59

🇮🇳 45.112.149.170

🇮🇩 43.243.142.42

🇮🇳 34.131.63.74

🇳🇱 34.91.49.93

🇸🇪 20.240.51.74

🇧🇷 20.226.27.158