This IP address has been reported a total of
12
times from
12 distinct
sources.
167.172.102.15 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 167.172.102.15 (DE/Germany/-): 1 in t ...
show more(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 167.172.102.15 (DE/Germany/-): 1 in the last 3600 secs (0-197)
show less
Honeypot hit: Brute-force attack detected on 22/SSH
โข Credentials: root:root, root:123456
โข Number o ...
show moreHoneypot hit: Brute-force attack detected on 22/SSH
โข Credentials: root:root, root:123456
โข Number of login attempts: 2
โข 4 command(s) were executed during the session
โข Client: SSH-2.0-Go
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Brute-Force
SSH
Hacking
Anonymous
Feb 22 15:58:41 prisma sshd[1554234]: Failed password for root from 167.172.102.15 port 49742 ssh2
F ...
show moreFeb 22 15:58:41 prisma sshd[1554234]: Failed password for root from 167.172.102.15 port 49742 ssh2
Feb 22 15:59:18 prisma sshd[1554701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.102.15 user=root
Feb 22 15:59:20 prisma sshd[1554701]: Failed password for root from 167.172.102.15 port 37252 ssh2
Feb 22 15:59:59 prisma sshd[1555168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.102.15 user=root
Feb 22 16:00:01 prisma sshd[1555168]: Failed password for root from 167.172.102.15 port 56010 ssh2
...
show less
Brute-Force
SSH
Anonymous
2026-02-22T16:57:54.178411+02:00 sshd[2105032]: Failed password for root from 167.172.102.15 port 3 ...
show more2026-02-22T16:57:54.178411+02:00 sshd[2105032]: Failed password for root from 167.172.102.15 port 36612 ssh2
2026-02-22T16:58:36.142359+02:00 sshd[2105463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.102.15 user=root
2026-02-22T16:58:37.751946+02:00 sshd[2105463]: Failed password for root from 167.172.102.15 port 60130 ssh2
...
show less
2026-02-22T16:55:48.038015+02:00 wels sshd[1198350]: Connection closed by 167.172.102.15 port 38682
...
show more2026-02-22T16:55:48.038015+02:00 wels sshd[1198350]: Connection closed by 167.172.102.15 port 38682
2026-02-22T16:56:32.840473+02:00 wels sshd[1198362]: Connection closed by authenticating user root 167.172.102.15 port 50326 [preauth]
2026-02-22T16:57:20.147771+02:00 wels sshd[1198364]: Connection closed by authenticating user root 167.172.102.15 port 55156 [preauth]
...
show less
2026-02-22T15:55:57.747631+01:00 ezri sshd[1701418]: error: kex_exchange_identification: Connection ...
show more2026-02-22T15:55:57.747631+01:00 ezri sshd[1701418]: error: kex_exchange_identification: Connection closed by remote host
2026-02-22T15:55:57.748905+01:00 ezri sshd[1701418]: Connection closed by 167.172.102.15 port 47098
2026-02-22T15:57:11.612028+01:00 ezri sshd[1701525]: User root from 167.172.102.15 not allowed because not listed in AllowUsers
2026-02-22T15:57:12.012516+01:00 ezri sshd[1701525]: Connection closed by invalid user root 167.172.102.15 port 47438 [preauth]
...
show less
Blocked by UFW (TCP on 22)
Source port: 51491
TTL: 237
Packet length: 40
TOS: 0x08
This report (for ...
show moreBlocked by UFW (TCP on 22)
Source port: 51491
TTL: 237
Packet length: 40
TOS: 0x08
This report (for 167.172.102.15) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
SSH
Brute-Force
Showing 1 to
12
of 12 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ