JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.245.106.196

172.245.106.196 was found in our database!

This IP was reported 813 times. Confidence of Abuse is 6%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	172-245-106-196-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.245.106.196

Whois 172.245.106.196

IP Abuse Reports for 172.245.106.196:

This IP address has been reported a total of 813 times from 339 distinct sources. 172.245.106.196 was first reported on March 6th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-04-29 18:28:29 (1 month ago)	Confirmed malicious by STILWaters CTI (score=100)	Hacking Brute-Force SSH
🇺🇸 gooko	2026-04-29 15:31:49 (1 month ago)	SSH brute-force attack detected by fail2ban jail 'sshd'	Brute-Force SSH
🇫🇮 nNordic	2026-04-26 09:24:36 (2 months ago)	Connection attempt blocked by IDS/IPS from 172.245.106.196/32	Hacking
Anonymous	2026-04-01 13:35:25 (2 months ago)	Aggressive Web Scanner	Hacking Web App Attack Brute-Force
🇹🇷 rtbh.com.tr	2026-03-29 08:12:19 (2 months ago)	list.rtbh.com.tr report: tcp/22	Brute-Force
🇧🇷 SOC-BR	2026-03-29 07:17:56 (2 months ago)	Attack detected by Fortinet - apache: Apache.HTTP.Server.cgi-bin.Path.Traversal - 2026-03-28 18:19:4 ... show more Attack detected by Fortinet - apache: Apache.HTTP.Server.cgi-bin.Path.Traversal - 2026-03-28 18:19:45 - Source Port 45728 show less	Port Scan Hacking
🇺🇸 shabi	2026-03-29 05:01:33 (2 months ago)	UFW Blocked [22/TCP] Source: 172.245.106.196:41325 TTL: 52 Lenth: 44 TOS: 0x08	Port Scan SSH Brute-Force
🇹🇷 rtbh.com.tr	2026-03-29 04:12:18 (2 months ago)	list.rtbh.com.tr report: tcp/22, tcp/23	Brute-Force
🇺🇸 katawajojo	2026-03-29 03:49:41 (2 months ago)	2026-03-28T19:31:14.190670-08:00 lain sshd-session[729757]: Invalid user orangepi from 172.245.106.1 ... show more 2026-03-28T19:31:14.190670-08:00 lain sshd-session[729757]: Invalid user orangepi from 172.245.106.196 port 48816 2026-03-28T19:31:14.199726-08:00 lain sshd-session[729757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.106.196 2026-03-28T19:31:15.913711-08:00 lain sshd-session[729757]: Failed password for invalid user orangepi from 172.245.106.196 port 48816 ssh2 2026-03-28T19:49:38.624808-08:00 lain sshd-session[729846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.106.196 user=root 2026-03-28T19:49:40.961837-08:00 lain sshd-session[729846]: Failed password for root from 172.245.106.196 port 41982 ssh2 ... show less	Brute-Force SSH
🇺🇸 RAP	2026-03-29 03:44:35 (2 months ago)	2026-03-29 03:44:35 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇩🇪 Mailguard-FRD	2026-03-29 02:17:06 (2 months ago)	Mar 29 04:17:04 [redacted] sshd[1432521]: pam_unix(sshd:auth): authentication failure; logname= uid= ... show more Mar 29 04:17:04 [redacted] sshd[1432521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.106.196 Mar 29 04:17:06 [redacted] sshd[1432521]: Failed password for inval ... show less	Brute-Force SSH
🇨🇿 Countryman	2026-03-29 00:56:47 (2 months ago)	repeated unauthorized connection attempts, host sweep, port 22	Hacking Brute-Force
🇺🇸 MPL	2026-03-28 23:51:23 (2 months ago)	tcp/22 (2 or more attempts)	Port Scan
🇦🇹 urnilxfgbez	2026-03-28 23:45:00 (2 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 Dechavanne	2026-03-28 23:00:13 (2 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack

Showing 1 to 15 of 813 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.48

🇸🇬 43.134.35.72

🇺🇸 34.226.65.53

🇺🇸 216.218.206.78

🇹🇭 202.44.237.238

🇹🇳 197.5.145.102

🇺🇸 165.154.206.204

🇮🇳 135.13.28.35

🇲🇾 121.123.141.251

🇹🇼 114.34.106.146

🇫🇷 85.217.140.2

🇺🇸 20.65.195.47

🇷🇴 2.57.121.25

🇧🇷 179.216.168.195

🇨🇳 120.193.223.46

🇵🇹 109.50.185.153

🇮🇩 103.224.65.65

🇨🇳 101.126.64.76

🇮🇹 79.56.175.84

🇺🇸 66.132.186.192