JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.245.225.106

172.245.225.106 was found in our database!

This IP was reported 841 times. Confidence of Abuse is 100%: ?

100%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	172-245-225-106-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.245.225.106

Whois 172.245.225.106

IP Abuse Reports for 172.245.225.106:

This IP address has been reported a total of 841 times from 149 distinct sources. 172.245.225.106 was first reported on April 24th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 sverre26	2026-06-03 08:17:16 (16 hours ago)	Bruteforce detected by fail2ban	Brute-Force SSH
🇬🇧 Deveroonie	2026-06-03 07:05:17 (17 hours ago)	2026-06-03T07:05:17.023548+00:00 instance-20241019-1127 sshd[2777979]: Disconnected from authenticat ... show more 2026-06-03T07:05:17.023548+00:00 instance-20241019-1127 sshd[2777979]: Disconnected from authenticating user root 172.245.225.106 port 58934 [preauth] ... show less	Hacking Brute-Force SSH
🇰🇷 2048	2026-06-03 06:56:17 (18 hours ago)	2026-06-03T15:56:16.117558+09:00 no1 sshd[2333980]: Disconnected from authenticating user root 172.2 ... show more 2026-06-03T15:56:16.117558+09:00 no1 sshd[2333980]: Disconnected from authenticating user root 172.245.225.106 port 60914 [preauth] ... show less	Brute-Force SSH
🇦🇹 Pingger Shikkoken	2026-06-03 06:46:25 (18 hours ago)	2026-06-03T06:46:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-06-03T06:46:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=172.245.225.106 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25740 DF PROTO=TCP SPT=59358 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 2026-06-03T06:46:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=172.245.225.106 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25741 DF PROTO=TCP SPT=59358 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 2026-06-03T06:46:28+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=172.245.225.106 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25742 DF PROTO=TCP SPT=59358 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ... show less	Hacking Brute-Force SSH
Anonymous	2026-06-03 06:45:20 (18 hours ago)	Repeated SSH brute force and user enumeration attempts against a secured server. Multiple failed aut ... show more Repeated SSH brute force and user enumeration attempts against a secured server. Multiple failed authentication attempts from this IP across an extended period. show less	Brute-Force SSH
🇩🇪 dispaisyenterprises	2026-06-03 06:42:11 (18 hours ago)	Honeypot [fra-de-honeypot]: Brute-force attack detected on 22/SSH • Credential used: root:undefined ... show more Honeypot [fra-de-honeypot]: Brute-force attack detected on 22/SSH • Credential used: root:undefined • Number of login attempts: 1 • Client: SSH-2.0-libssh2_1.11.0 • SSH key fingerprints: 40:20:a6:7b:4c:b3:3a:5b:61:26:c2:86:bd:c8:8b:03 Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	SSH
🇺🇸 Babu Chang	2026-06-03 06:28:10 (18 hours ago)	sshguard	SSH
🇨🇦 dpinse	2026-06-03 06:22:28 (18 hours ago)	Honeypot [honeypot-ca-sensor1]: Brute-force attack detected on 22/SSH • Credential used: root:undefi ... show more Honeypot [honeypot-ca-sensor1]: Brute-force attack detected on 22/SSH • Credential used: root:undefined • Number of login attempts: 1 • Client: SSH-2.0-libssh2_1.11.0 • SSH key fingerprints: ca:25:57:bb:1b:c9:33:2a:80:20:d5:d3:42:c9:0f:6c show less	SSH
Anonymous	2026-06-03 04:54:00 (20 hours ago)	Repeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed ... show more Repeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed authentication attempts from this IP across an extended period. show less	Brute-Force SSH
🇩🇪 kexol	2026-06-03 04:18:26 (20 hours ago)	22 port scanned	Port Scan
🇺🇸 SANYALnet Labs	2026-06-03 04:12:30 (20 hours ago)	Jun 3 04:12:28 hecnet-us-east-gw sshd[757528]: pam_unix(sshd:auth): authentication failure; logname ... show more Jun 3 04:12:28 hecnet-us-east-gw sshd[757528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.225.106 user=root Jun 3 04:12:29 hecnet-us-east-gw sshd[757528]: Failed none for invalid user root from 172.245.225.106 port 51394 ssh2 Jun 3 04:12:30 hecnet-us-east-gw sshd[757528]: error: maximum authentication attempts exceeded for invalid user root from 172.245.225.106 port 51394 ssh2 [preauth] ... show less	Brute-Force
🇨🇦 ImMarvolo	2026-06-03 00:08:33 (1 day ago)	Unauthorized connection attempt detected neo-ca-bhs-01, SSH Brute-Force	Brute-Force SSH
🇺🇸 blackburied	2026-06-02 23:55:01 (1 day ago)	SSH brute force on kuhioshores	Brute-Force SSH
🇳🇴 tmiland	2026-06-02 23:42:21 (1 day ago)	Suricata Detected 8 attacks from 172.245.225.106.; ET SCAN LibSSH Based Frequent SSH Connections Lik ... show more Suricata Detected 8 attacks from 172.245.225.106.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 172.245.225.106; Ports: 56148; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 show less	Port Scan
🇨🇭 TOCE	2026-06-02 21:23:37 (1 day ago)	7 hits seen on 2026-06-02, ports 22 (SSH) on a honeypot from www.toce.ch	SSH

Showing 31 to 45 of 841 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.58.75.135

🇬🇧 191.101.59.86

🇮🇳 122.187.229.168

🇮🇩 103.3.221.226

🇷🇴 92.118.39.236

🇨🇳 221.228.203.3

🇺🇸 216.25.89.107

🇨🇳 210.14.142.89

🇨🇳 203.2.164.205

🇺🇸 198.57.187.216

🇰🇪 197.248.207.139

🇨🇴 186.179.100.0

🇧🇷 177.36.214.46

🇺🇸 162.216.149.150

🇺🇸 162.144.197.34

🇺🇸 146.190.118.147

🇧🇪 144.86.173.76

🇮🇳 122.187.227.145

🇨🇳 106.75.227.248

🇿🇦 102.129.56.145