IP Address

172.245.112.205

IPv4 Public
US US
AS36352
AS-COLOCROSSING
426 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
91% Confidence
426 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 5% Most Dangerous
US
US Location
AS-COLOCROSSING ASN 36352
426 Reports
Honeypot Data Source

Critical Threat

IP 172.245.112.205 is a critical-risk address assigned to AS-COLOCROSSING (AS36352) in the United States, responsible for 401 confirmed hacking intrusion attempts detected by automated honeypot sensors between August 2025 and May 2026.

Security monitoring systems logged 401 abuse reports attributing this IP to sustained unauthorized access attempts and vulnerability exploitation activity. The detection confidence of 93% reflects consistent attack signatures observed across multiple honeypot sensors over an approximately nine-month period. Activity frequency scored 8/10 indicates near-continuous engagement with target systems, suggesting an automated or semi-automated attack infrastructure rather than isolated manual probing. The network is operated by AS-COLOCROSSING, a hosting provider known for accommodating diverse customer traffic, which aligns with the high-volume threat profile observed.

The dominant hacking classification encompasses multiple intrusion techniques including exploitation of software vulnerabilities, brute-force authentication attacks, and probing for misconfigured services. For organizations running exposed SSH, RDP, web applications, or other network-accessible services, this IP represents a direct pathway for unauthorized system access, credential theft, and potential network pivoting by threat actors. The sustained activity pattern indicates the address is likely part of coordinated scanning campaigns or botnet-driven operations rather than opportunistic single-attempt activity.

Site operators should block 172.245.112.205 at the firewall level and implement rate-limiting on authentication endpoints to mitigate credential-stuffing attempts. Deploying fail2ban or equivalent log-analysis tools can automatically ban repeat offenders based on failed login patterns. Regular patching of exposed services, enforcement of strong authentication credentials, and monitoring of authentication logs for this IP address will reduce exposure to the exploitation techniques this actor employs.

More threatening than 97% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 9. June 2026
Recent (7 days) 23 incidents

Reputable Network

This IP is hosted on a network (ASN 36352) with generally good reputation. The ISP AS-COLOCROSSING maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 8/10 High
Confidence Score 91% Verified

Confidence History

30. May 2026 - 9. Jun 2026
91% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 426 shown

Technical Details

Basic Information

IP Address
172.245.112.205
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
US US
ASN
AS36352
ISP
AS-COLOCROSSING

DNS Information

Reverse DNS
172-245-112-205-host.colocrossing.com
PTR Record
Yes
Connection Type
Dynamic

Statistics

Total Reports
426
First Reported
15 Aug 2025
Last Reported
9 Jun 2026, 02:03

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS36352
HostPapa
US US

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

357
Total IPs Monitored
90,635
Total Reports
253.9
Reports per IP

Network Context

This IP address belongs to HostPapa (AS36352), which manages 357 IP addresses in our monitoring system. Out of these, 90,635 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

97 %

Global Threat Ranking

This IP is more threatening than 97% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,245 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 426 avg: 23 ++

Network Comparison

Compared against 545 IPs in ASN 36352

Threat Level 10/10 network avg: 5.8 ++
Total Reports 426 network avg: 169 ++
Network AS-COLOCROSSING has overall threat level 2/10

Geographic Comparison

Compared against 38,425 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 426 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.4/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
198.23.160.197 8/10
Confidence 99%
Reports 41
Location US US
3 Mar 2026
107.174.11.71 10/10
Confidence 98%
Reports 73
Location US US
24 Apr 2026
107.172.250.235 10/10
Confidence 98%
Reports 14
Location US US
8 Jun 2026
192.227.213.228 10/10
Confidence 98%
Reports 13
Location US US
27 May 2026
23.95.191.250 10/10
Confidence 98%
Reports 11
Location US US
9 Jun 2026
192.210.248.44 8/10
Confidence 97%
Reports 56
Location US US
2 Mar 2026
206.217.131.233 8/10
Confidence 97%
Reports 46
Location US US
27 Feb 2026
96.44.147.179 8/10
Confidence 97%
Reports 44
Location US US
2 Mar 2026
107.173.10.98 8/10
Confidence 97%
Reports 32
Location US US
27 Feb 2026
23.94.235.137 8/10
Confidence 97%
Reports 24
Location US US
25 Feb 2026
107.175.114.16 10/10
Confidence 96%
Reports 11
Location US US
8 Jun 2026
198.23.150.42 10/10
Confidence 96%
Reports 11
Location US US
27 May 2026
104.168.30.30 10/10
Confidence 96%
Reports 11
Location US US
21 May 2026
23.95.197.214 10/10
Confidence 94%
Reports 712
Location US US
27 Dec 2025
23.95.188.50 10/10
Confidence 94%
Reports 644
Location US US
30 Dec 2025
107.173.112.54 10/10
Confidence 94%
Reports 550
Location US US
12 May 2026
107.173.171.247 10/10
Confidence 94%
Reports 329
Location US US
7 Jun 2026
198.46.166.149 10/10
Confidence 94%
Reports 220
Location US US
9 Jun 2026
107.167.34.125 10/10
Confidence 94%
Reports 136
Location US US
8 Jun 2026
23.95.137.106 10/10
Confidence 94%
Reports 125
Location US US
8 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.4/10 Avg Threat
91% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
172.110.223.33 8/10
Confidence 91%
Reports 6,481
Location HK HK
9 Jun 2026
94.154.35.215 10/10
Confidence 91%
Reports 5,696
Location NL NL
9 Jun 2026
176.65.149.224 10/10
Confidence 91%
Reports 4,961
Location NL NL
9 Jun 2026
176.65.149.67 10/10
Confidence 91%
Reports 4,060
Location NL NL
9 Jun 2026
176.65.149.30 10/10
Confidence 91%
Reports 3,886
Location NL NL
9 Jun 2026
194.50.16.198 8/10
Confidence 91%
Reports 2,443
Location NL NL
13 May 2026
91.92.243.76 8/10
Confidence 91%
Reports 1,758
Location US US
9 Jun 2026
185.218.138.11 7/10
Confidence 91%
Reports 1,517
Location US US
9 Jun 2026
185.218.138.14 7/10
Confidence 91%
Reports 1,450
Location US US
9 Jun 2026
137.184.112.192 8/10
Confidence 91%
Reports 1,418
Location US US
9 Jun 2026
185.218.138.13 8/10
Confidence 91%
Reports 1,382
Location US US
9 Jun 2026
88.210.63.3 8/10
Confidence 91%
Reports 1,372
Location UA UA
9 Jun 2026
92.63.197.80 8/10
Confidence 91%
Reports 1,346
Location UA UA
9 Jun 2026
92.63.197.79 8/10
Confidence 91%
Reports 1,328
Location UA UA
9 Jun 2026
88.210.63.5 8/10
Confidence 91%
Reports 1,303
Location UA UA
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "172.245.112.205",
    "threat_level": 10,
    "confidence_score": 91,
    "total_reports": 426,
    "country_code": "US",
    "isp_name": "AS-COLOCROSSING",
    "asn": "36352",
    "first_reported": "2025-08-15 05:41:38",
    "last_reported": "2026-06-09 02:03:25",
    "exported_at": "2026-06-09T07:17:14+02:00",
    "source": "https://reportedip.de/ip/172.245.112.205/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses