JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.172.39.154

167.172.39.154 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.172.39.154

Whois 167.172.39.154

IP Abuse Reports for 167.172.39.154:

This IP address has been reported a total of 96 times from 68 distinct sources. 167.172.39.154 was first reported on April 30th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sumnone	2026-06-12 07:33:38 (7 hours ago)	Port probing on unauthorized port 8089	Port Scan Hacking Exploited Host
🇩🇪 Justin F. \| AS204464	2026-06-11 08:34:44 (1 day ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 8085 GET / User-Agent: Mozilla/5.0 (X11; Linux x8 ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 8085 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate; 8085 [2] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇺🇸 knock	2026-06-01 19:25:52 (1 week ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇺🇸 jkhorvath.com	2026-06-01 16:45:41 (1 week ago)	Request for URL /squid-internal-mgr/cachemgr.cgi	Phishing Brute-Force Web App Attack
🇫🇷 security.rdmc.fr	2026-05-31 22:37:40 (1 week ago)	Port Scan Attack proto:TCP src:47075 dst:5433	Port Scan
🇩🇪 guldkage	2026-05-31 22:00:16 (1 week ago)	Unauthorized connection attempt detected from IP address 167.172.39.154 to port 22 (ger-03) [W]	Brute-Force Exploited Host
🇩🇪 zupan	2026-05-31 15:01:36 (1 week ago)	Blocked by UFW on vps [3128/tcp] \| SPT: 33500 \| TTL: 55 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [3128/tcp] \| SPT: 33500 \| TTL: 55 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 mittPS	2026-05-31 12:49:01 (1 week ago)	2026-05-31T14:49:00.657779+02:00 immelmann sshd[4151341]: Connection closed by 167.172.39.154 port 4 ... show more 2026-05-31T14:49:00.657779+02:00 immelmann sshd[4151341]: Connection closed by 167.172.39.154 port 46480 [preauth] ... show less	Brute-Force SSH
🇺🇸 drewf.ink	2026-05-31 04:32:54 (1 week ago)	[04:32] Port scanning. Port(s) scanned: TCP/8080, TCP/8443	Port Scan
🇩🇪 Axel	2026-05-29 17:27:43 (1 week ago)	[2026-05-29 17:27:42 UTC] Honeypot HTTPS-Alt connection attempt \| AXFRA HONEYPOT	Web App Attack
🇫🇷 ISPLtd	2026-05-28 08:34:10 (2 weeks ago)	May 28 10:34:03 167.172.39.154 TCP SPT=56458 DPT=3128 SYN May 28 10:34:05 167.172.39.154 TCP SPT=564 ... show more May 28 10:34:03 167.172.39.154 TCP SPT=56458 DPT=3128 SYN May 28 10:34:05 167.172.39.154 TCP SPT=56458 DPT=3128 SYN May 28 10:34:10 167.172.39.154 TCP SPT=56458 DPT=3128 ... show less	Port Scan
🇨🇦 Tanados	2026-05-28 04:22:33 (2 weeks ago)	Blocked by UFW [29842/tcp] Source port: 54182 TTL: 48 Packet length: 60 TOS: 0x00 This report was g ... show more Blocked by UFW [29842/tcp] Source port: 54182 TTL: 48 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 EDSL	2026-05-28 02:20:54 (2 weeks ago)	[SRV-VPN1] Blocked by SysWarden Firewall (VPN Probe)	Port Scan Hacking Brute-Force
🇩🇪 ITSNF	2026-05-27 21:05:05 (2 weeks ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=1080,1180,12324	Port Scan Hacking
🇺🇸 xxkodedxx	2026-05-27 20:15:20 (2 weeks ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10m window. Origin: NL / AS14061 DigitalOcean, LLC Active: 20:15:12 UTC Volume: 1 HTTP req Probed: /squid-internal-mgr/cachemgr.cgi Status mix: 444×1 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 zgrab/0.x" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 185.208.164.120

🇰🇿 82.200.240.27

🇺🇸 216.25.89.115

🇺🇸 205.210.31.74

🇧🇷 190.115.84.25

🇧🇷 138.97.132.169

🇨🇳 110.249.201.203

🇫🇷 90.79.25.231

🇷🇴 80.94.92.156

🇺🇸 75.80.146.150

🇦🇺 40.82.214.8

🇺🇸 20.169.105.57

🇯🇵 210.156.0.132

🇮🇪 207.254.29.22

🇩🇪 196.242.141.20

🇳🇱 192.253.248.169

🇦🇷 191.83.227.37

🇩🇪 178.16.52.139

🇺🇸 172.70.38.46

🇺🇸 147.185.132.185