JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.172.131.252

167.172.131.252 was found in our database!

This IP was reported 84 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.172.131.252

Whois 167.172.131.252

IP Abuse Reports for 167.172.131.252:

This IP address has been reported a total of 84 times from 25 distinct sources. 167.172.131.252 was first reported on January 2nd 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LotPhantom	2026-04-05 23:48:45 (2 months ago)	2026-04-05T23:48:44.650324+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-04-05T23:48:44.650324+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=167.172.131.252 DST=157.230.217.55 LEN=44 TOS=0x00 PREC=0x00 TTL=62 ID=50292 DF PROTO=TCP SPT=49879 DPT=9773 WINDOW=65280 RES=0x00 SYN URGP=0 2026-04-05T23:48:44.867308+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=167.172.131.252 DST=157.230.217.55 LEN=44 TOS=0x00 PREC=0x00 TTL=62 ID=50105 DF PROTO=TCP SPT=52571 DPT=12245 WINDOW=65280 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇺🇸 donarev419	2026-04-05 07:47:50 (2 months ago)	Connection to port 6379 with data transfer. Data preview: *1 $4 info	Port Scan Hacking
🇺🇸 drewf.ink	2026-04-05 07:46:57 (2 months ago)	[07:46] Port scanning. Port(s) scanned: TCP/6379	Port Scan
🇺🇸 etu brutus	2026-04-02 05:34:05 (2 months ago)	167.172.131.252 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇯🇵 jay hung	2026-04-01 12:57:27 (2 months ago)	2026-04-01T12:57:22.313061+00:00 quarktech kernel: [1126508.980500] [UFW BLOCK] IN=eth0 OUT= MAC=22: ... show more 2026-04-01T12:57:22.313061+00:00 quarktech kernel: [1126508.980500] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=167.172.131.252 DST=172.237.29.33 LEN=44 TOS=0x00 PREC=0x20 TTL=44 ID=50296 DF PROTO=TCP SPT=50097 DPT=3389 WINDOW=65280 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 sefinek.net	2026-04-01 11:46:35 (2 months ago)	Blocked by UFW on NY01 [389/tcp] \| SPT: 50992 \| TTL: 53 \| LEN: 44 \| TOS: 0x08 • Reported by: github. ... show more Blocked by UFW on NY01 [389/tcp] \| SPT: 50992 \| TTL: 53 \| LEN: 44 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 withfallback.com	2026-04-01 10:44:05 (2 months ago)	client sends "random1random2random3random4". A quick Google indicates this is likely part of an nmap ... show more client sends "random1random2random3random4". A quick Google indicates this is likely part of an nmap scan. show less	Port Scan
🇺🇸 xmission.com	2026-04-01 08:27:20 (2 months ago)	Blocked by UFW (TCP on 37) Source port: 49039 TTL: 47 Packet length: 44 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 37) Source port: 49039 TTL: 47 Packet length: 44 TOS: 0x08 This report (for 167.172.131.252) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-01 04:26:09 (2 months ago)	Mar 31 23:21:26 localhost kernel: [103359126.475866] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Mar 31 23:21:26 localhost kernel: [103359126.475866] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=167.172.131.252 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=50468 DF PROTO=TCP SPT=51578 DPT=23 WINDOW=65280 RES=0x00 SYN URGP=0 Mar 31 23:21:26 localhost kernel: [103359126.475897] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=167.172.131.252 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=50468 DF PROTO=TCP SPT=51578 DPT=23 SEQ=2820370726 ACK=0 WINDOW=65280 RES=0x00 SYN URGP=0 OPT (02040550) Apr 1 00:26:09 localhost kernel: [103363008.646575] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=167.172.131.252 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=50057 DF PROTO=TCP SPT=49195 DPT=6379 WINDOW=65280 RES=0x00 SYN URGP=0 Apr 1 00:26:09 localhost kernel: [103363008.646592] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=167.172.131.252 show less	Port Scan
🇺🇸 cazae	2026-03-31 18:13:24 (2 months ago)	Unauthorized attempt on debian [513/tcp] Source port: 50885 TTL: 45 Packet length: 44 TOS: 0x08 htt ... show more Unauthorized attempt on debian [513/tcp] Source port: 50885 TTL: 45 Packet length: 44 TOS: 0x08 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-03-31 13:42:56 (2 months ago)	tcp/88 (2 or more attempts)	Port Scan
🇺🇸 Cyber Crusader	2026-03-31 10:55:34 (2 months ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 MPL	2026-03-31 05:04:50 (2 months ago)	tcp/82 (2 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-03-29 02:42:45 (2 months ago)	Blocked by UFW (TCP on 8800) Source port: 50861 TTL: 48 Packet length: 44 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 8800) Source port: 50861 TTL: 48 Packet length: 44 TOS: 0x08 This report (for 167.172.131.252) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-03-27 20:16:04 (2 months ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 48502 [1], 8098 [1] TCP	Port Scan

Showing 1 to 15 of 84 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.80.223.144

🇩🇪 213.209.159.56

🇧🇬 193.24.211.107

🇺🇸 66.132.172.128

🇬🇧 193.163.125.83

🇨🇳 171.8.138.114

🇭🇰 161.81.86.1

🇫🇮 147.185.133.2

🇲🇾 121.122.119.170

🇲🇾 121.121.56.0

🇨🇳 121.12.155.218

🇵🇭 120.28.194.30

🇨🇳 119.100.99.195

🇿🇦 102.218.220.104

🇨🇳 101.96.195.102

🇷🇺 77.37.179.158

🇺🇸 74.115.172.118

🇺🇸 64.49.38.143

🇫🇮 34.88.198.115

🇩🇪 138.124.99.219