JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 207.154.237.161

207.154.237.161 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 207.154.237.161

Whois 207.154.237.161

IP Abuse Reports for 207.154.237.161:

This IP address has been reported a total of 62 times from 41 distinct sources. 207.154.237.161 was first reported on February 18th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 MBombeck	2026-06-04 17:38:02 (1 hour ago)	Fail2Ban/traefik-botsearch on ops-01.bombeck.io: banned after 5 failures	Web App Attack
🇫🇷 pm33	2026-06-04 16:45:37 (1 hour ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
Anonymous	2026-06-04 16:34:02 (2 hours ago)	[Thu Jun 04 09:34:00.353549 2026] [authz_core:error] [pid 1549035] [client 207.154.237.161:20217] AH ... show more [Thu Jun 04 09:34:00.353549 2026] [authz_core:error] [pid 1549035] [client 207.154.237.161:20217] AH01630: client denied by server configuration: /home/appowner/www/sec/odinhttpcall1780590839 [Thu Jun 04 09:34:00.382099 2026] [authz_core:error] [pid 1549335] [client 207.154.237.161:20449] AH01630: client denied by server configuration: /home/appowner/www/sec/sdk [Thu Jun 04 09:34:01.005334 2026] [authz_core:error] [pid 1549036] [client 207.154.237.161:1709] AH01630: client denied by server configuration: /home/appowner/www/sec/evox [Thu Jun 04 09:34:01.042172 2026] [authz_core:error] [pid 1556027] [client 207.154.237.161:6447] AH01630: client denied by server configuration: /home/appowner/www/sec/HNAP1 [Thu Jun 04 09:34:02.289959 2026] [authz_core:error] [pid 1549034] [client 207.154.237.161:4105] AH01630: client denied by server configuration: /home/appowner/www/sec/ ... show less	Brute-Force SSH
Anonymous	2026-06-04 12:37:32 (6 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇷🇺 Albram	2026-06-04 11:24:03 (7 hours ago)	Blocked by DNSBL - Mailserver check_relay (IP: 207.154.237.161)	Brute-Force
🇸🇪 gandalf	2026-06-04 07:23:57 (11 hours ago)	2026-06-04 09:23:55 wonderland sendmail[2549817]: 6547NtZ92549817: [207.154.237.161] did not issue M ... show more 2026-06-04 09:23:55 wonderland sendmail[2549817]: 6547NtZ92549817: [207.154.237.161] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA show less	Brute-Force Email Spam
🇺🇸 gu-alvareza	2026-06-04 07:05:37 (11 hours ago)	Nmap.Script.Scanner	Port Scan
🇳🇱 donarev419	2026-06-04 05:38:28 (13 hours ago)	Port scan detected on port 465 (connection without data transfer)	Port Scan
🇵🇱 nfsec.pl	2026-06-03 17:39:09 (1 day ago)	2026-06-03T17:39:09.439447+00:00 stardust postfix/smtpd[1196578]: improper command pipelining after ... show more 2026-06-03T17:39:09.439447+00:00 stardust postfix/smtpd[1196578]: improper command pipelining after CONNECT from unknown[207.154.237.161]: HELP\r\n ... show less	Email Spam Open Proxy
🇩🇪 anycast_ac	2026-06-03 10:36:13 (1 day ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/5060 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/5060 (generic). Commands captured: $ OPTIONS sip:nm SIP/2.0 show less	DDoS Attack IoT Targeted Brute-Force
🇩🇪 anycast_ac	2026-06-03 10:20:49 (1 day ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/5060 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/5060 (generic). Commands captured: $ GET / HTTP/1.0 show less	DDoS Attack IoT Targeted Brute-Force
Anonymous	2026-06-03 08:26:09 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 4891 [14] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 4891 [14] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇮 tjs	2026-06-03 06:25:00 (1 day ago)	web attack	Hacking Web App Attack
🇷🇺 OK	2026-06-03 01:18:15 (1 day ago)	SMTP	Email Spam Hacking Brute-Force
🇧🇬 Ilcheff	2026-06-02 22:31:49 (1 day ago)	(handshake,Dovecot,TLS,failure) Login failure/trigger from 207.154.237.161 (DE/Germany/-): 3 in the ... show more (handshake,Dovecot,TLS,failure) Login failure/trigger from 207.154.237.161 (DE/Germany/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 3 01:31:44 dovecot: imap-login: Disconnected (no auth attempts in 6 secs): user=[USERNAME] rip=207.154.237.161, lip=0.0.0.x, TLS handshaking: SSL_accept() failed: error:1420918C:SSL routines:tls_early_post_process_client_hello:version too low, session=<vt4w4ExTvUvPmu2h> Jun 3 01:31:44 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=[USERNAME] rip=207.154.237.161, lip=0.0.0.x, TLS handshaking: SSL_accept() failed: error:1417A0C1:SSL routines:tls_post_process_client_hell show less	Port Scan

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 179.125.175.74

🇺🇸 66.228.53.78

🇺🇸 20.64.105.234

🇸🇦 5.41.102.65

🇺🇸 2602:80d:1007::36

🇳🇱 192.142.24.39

🇨🇳 183.17.227.66

🇺🇸 162.216.150.34

🇺🇸 147.185.132.45

🇷🇺 95.167.225.76

🇰🇷 61.76.38.54

🇳🇱 45.148.10.152

🇨🇳 114.116.224.167

🇺🇸 47.251.116.252

🇩🇪 2602:80d:1005::1d

🇩🇪 207.154.245.145

🇨🇦 174.1.36.218

🇷🇴 92.118.39.236

🇺🇸 73.63.190.83

🇩🇪 69.5.169.39