IP address 172.105.128.11 has been flagged in 631 abuse reports across 13 independent threat intelligence sources, resulting in a threat score of 100.0/100 (critical risk). The primary activity associated with this IP is abuseipdb blacklist, along with aggregated threat, attacks, brute force, email abuse, known attacker, ldap bruteforce, mail auth bruteforce, malware c2, malware infrastructure, rdp bruteforce, reconnaissance, ssh brute force, ssh bruteforce, suspicious activity, unknown, web attack.
This IP is geolocated in United States (Cedar Knolls) and belongs to the network Akamai Connected Cloud (AS63949). Reports span from 2022-11-20 to 2026-06-05.
Assessment: With 631 abuse reports, 172.105.128.11 shows persistent malicious activity that has been flagged by multiple threat intelligence feeds. The IP has been observed conducting automated SSH login attempts against internet-facing servers, a technique commonly used to gain unauthorized access to systems.