JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.245.211.172

165.245.211.172 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.245.211.172

Whois 165.245.211.172

IP Abuse Reports for 165.245.211.172:

This IP address has been reported a total of 41 times from 38 distinct sources. 165.245.211.172 was first reported on June 20th 2026, and the most recent report was 41 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ipcop.net	2026-06-21 02:26:02 (41 minutes ago)	2026-06-21T04:25:54.836820+02:00 websrv1.aknwsrv.net postfix/submission/smtpd[1420517]: lost connect ... show more 2026-06-21T04:25:54.836820+02:00 websrv1.aknwsrv.net postfix/submission/smtpd[1420517]: lost connection after STARTTLS from unknown[165.245.211.172] 2026-06-21T04:26:01.561223+02:00 websrv1.aknwsrv.net postfix/submission/smtpd[1420517]: improper command pipelining after CONNECT from unknown[165.245.211.172]: show less	Fraud VoIP Brute-Force
🇫🇷 Provost-info	2026-06-21 01:02:28 (2 hours ago)	mail server - multiple authentication attempt with unknown username or bad password	Brute-Force Spoofing
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-21 00:44:34 (2 hours ago)	Honeypot hit: HTTP/1.1 request on 1911 GET /v2/_catalog User-Agent: Go-http-client/1.1; 1911 [3] TC ... show more Honeypot hit: HTTP/1.1 request on 1911 GET /v2/_catalog User-Agent: Go-http-client/1.1; 1911 [3] TCP show less	Web App Attack
🇵🇱 IT RDC	2026-06-21 00:27:01 (2 hours ago)	2026/06/21 02:27:00 [info] 57869#0: 149543 client sent plain HTTP request to HTTPS port while readi ... show more 2026/06/21 02:27:00 [info] 57869#0: 149543 client sent plain HTTP request to HTTPS port while reading client request headers, client: 165.245.211.172, server: zimbra, request: "GET /v2/_catalog HTTP/1.1", host: "83.238.86.39:443" ... show less	Web App Attack
Anonymous	2026-06-21 00:22:52 (2 hours ago)	2026-06-21T02:22:50.664117+02:00 host postfix/smtpd[318652]: lost connection after STARTTLS from unk ... show more 2026-06-21T02:22:50.664117+02:00 host postfix/smtpd[318652]: lost connection after STARTTLS from unknown[165.245.211.172] 2026-06-21T02:22:51.543812+02:00 host postfix/smtpd[318652]: improper command pipelining after CONNECT from unknown[165.245.211.172]: \026\003\003\001\250\001\000\001\244\003\003\241K\233\fS\326\017\213r\2520\322\365q\023\334\316\252\nx\265Y\346\t\217_\333:\201\225\306\313 \250\232Tx\362\212\245\255\311z\376\217\305iC\204p\343A\306x\037\335\224\323\037\214\366\214q\325~\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237 2026-06-21T02:22:51.548056+02:00 host postfix/smtpd[318652]: improper command pipelining after CONNECT from unknown[165.245.211.172]: \026\003\003\001\250\001\000\001\244\003\003\362\364\261y8h\214\230\032\325\337E\200\272\242\200\036\351eAS\032\320M+\303T\253\364\324\241\371 d\353\263\256\n\311\215h\363S\347,=\\f\346\312mU_\356\330\276\323P\215s\243\212\2715\203\000\212\000\005\000\004\000\a\000\300\000\204\000\272\0 ... show less	Brute-Force
🇬🇧 thetomtaylor.co.uk	2026-06-21 00:06:01 (3 hours ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 ecs.ge	2026-06-20 23:40:52 (3 hours ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇯🇵 ki3	2026-06-20 22:46:24 (4 hours ago)	Fail2Ban: Dovecot Attack 165.245.211.172 1781995583.0(JST)	Brute-Force SSH
Anonymous	2026-06-20 22:18:55 (4 hours ago)	Kept connecting and disconnecting without issuing any commands	DDoS Attack
🇩🇪 femboy.cat	2026-06-20 21:59:36 (5 hours ago)	Port scan to tcp/9042 from 165.245.211.172	Brute-Force
🇮🇹 opso.it	2026-06-20 21:25:34 (5 hours ago)	2026-06-20 23:25:12 SMTP protocol synchronization error \(input sent without waiting for greeting\): ... show more 2026-06-20 23:25:12 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[165.245.211.172\] input=\"\\026\\003\\003\\001\\246\\001\" 2026-06-20 23:25:17 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[165.245.211.172\] input=\"\\026\\003\\003\\001\\246\\001\" 2026-06-20 23:25:22 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[165.245.211.172\] input=\"\\026\\003\\003\\001W\\001\" 2026-06-20 23:25:27 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[165.245.211.172\] input=\"\\026\\003\\003\\001I\\001\" 2026-06-20 23:25:32 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[165.245.211.172\] input=\"\\026\\003\\003\\001\\232\\001\" show less	Web App Attack
🇨🇦 Slackin' Jack	2026-06-20 21:05:08 (6 hours ago)	Triggered honeypot on port 110. (165.245.211.172)	Port Scan
🇩🇪 BlueWire Hosting	2026-06-20 20:56:02 (6 hours ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 Enno	2026-06-20 19:47:46 (7 hours ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
🇩🇪 WinnieHoneypots	2026-06-20 19:03:56 (8 hours ago)	Spraying garbage or empty requests on HTTP/S - [\x16\x03\x01\x01\x0C\x01\x00\x01\x08\x03\x03\x85\xD5 ... show more Spraying garbage or empty requests on HTTP/S - [\x16\x03\x01\x01\x0C\x01\x00\x01\x08\x03\x03\x85\xD5\xAB\x94I1\xB8p\x98Rf\xAE\x9D\xAB/\x0E^\x7Fu\xC8], obvious automated scanner or botnet minion show less	Port Scan Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.165.168.2

🇺🇸 74.208.177.56

🇺🇸 3.87.27.156

🇲🇦 196.75.134.173

🇲🇽 186.96.158.180

🇮🇶 185.166.25.150

🇨🇳 118.196.13.204

🇦🇪 51.112.131.195

🇺🇸 50.6.228.32

🇪🇬 41.128.181.199

🇹🇭 202.29.223.30

🇩🇪 167.94.145.27

🇻🇳 118.70.131.235

🇨🇳 111.38.36.219

🇮🇳 103.160.153.158

🇺🇸 65.49.1.23

🇰🇷 58.229.253.119

🇳🇱 52.233.193.61

🇺🇸 47.251.65.123

🇸🇬 43.160.250.64