JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.17.217

138.197.17.217 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 84%: ?

84%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.17.217

Whois 138.197.17.217

IP Abuse Reports for 138.197.17.217:

This IP address has been reported a total of 19 times from 16 distinct sources. 138.197.17.217 was first reported on May 14th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 donarev419	2026-06-12 07:30:21 (19 hours ago)	Connection to port 5601 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:5601 ... show more Connection to port 5601 with data transfer. Data preview: GET / HTTP/1.1 Host: 167.253.66.144:5601 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv: show less	Port Scan Hacking
🇺🇸 xmission.com	2026-06-12 07:16:31 (19 hours ago)	Blocked by UFW (TCP on 5601) Source port: 80 TTL: 241 Packet length: 44 TOS: 0x0A This report (for ... show more Blocked by UFW (TCP on 5601) Source port: 80 TTL: 241 Packet length: 44 TOS: 0x0A This report (for 138.197.17.217) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 6kilowatti	2026-06-12 06:56:12 (20 hours ago)	2026-06-12T09:56:11.434486+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-12T09:56:11.434486+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=138.197.17.217 DST=83.148.240.21 LEN=44 TOS=0x02 PREC=0x00 TTL=240 ID=26437 PROTO=TCP SPT=80 DPT=5601 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 Axel	2026-06-12 06:51:44 (20 hours ago)	Blocked by UFW on MVI [5601/tcp] \| SPT: 80 \| TTL: 240 \| LEN: 44 \| TOS: 0x02 • Reported by: github.co ... show more Blocked by UFW on MVI [5601/tcp] \| SPT: 80 \| TTL: 240 \| LEN: 44 \| TOS: 0x02 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-12 06:50:57 (20 hours ago)	Blocked by UFW (TCP on 5601) Source port: 80 TTL: 240 Packet length: 44 TOS: 0x0A This report (for ... show more Blocked by UFW (TCP on 5601) Source port: 80 TTL: 240 Packet length: 44 TOS: 0x0A This report (for 138.197.17.217) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-06-07 20:03:54 (5 days ago)	Honeypot [uk-production01]: HTTP/1.1 request on 1244 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_ ... show more Honeypot [uk-production01]: HTTP/1.1 request on 1244 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate; 1244 [2] TCP show less	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-07 19:19:38 (5 days ago)	tcp/8883	Port Scan
🇫🇷 masterguru	2026-06-07 04:37:06 (5 days ago)	(wordpress) Apache: Failed WordPress login from 138.197.17.217 (US/United States/-): 10 in the last ... show more (wordpress) Apache: Failed WordPress login from 138.197.17.217 (US/United States/-): 10 in the last 3600 secs (0-197) show less	Hacking
🇨🇦 Dunham Support	2026-06-07 04:18:40 (5 days ago)	(wordpress) Failed wordpress login from 138.197.17.217 (US/United States/-)	Brute-Force
🇪🇸 masterguru	2026-06-07 04:17:21 (5 days ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (5001900-122)	Web App Attack
🇮🇹 VHosting	2026-06-07 04:10:03 (5 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇭 backslash	2026-06-07 03:51:00 (5 days ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇷🇺 Mga Admin	2026-06-07 03:45:03 (5 days ago)	138.197.17.217 - - [07/Jun/2026:10:45:02 +0700] "GET /wp-login.php HTTP/1.1" 404 69 "-" "Mozilla/5.0 ... show more 138.197.17.217 - - [07/Jun/2026:10:45:02 +0700] "GET /wp-login.php HTTP/1.1" 404 69 "-" "Mozilla/5.0" ... show less	Web App Attack
🇩🇪 0x44	2026-06-07 03:33:15 (5 days ago)	Abusive host detected - WordPress vulnerability scanning	Web App Attack Hacking
🇩🇪 FeG Deutschland	2026-06-07 03:18:54 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.183.141.133

🇫🇮 193.164.155.103

🇸🇬 188.166.252.226

🇬🇧 135.136.20.14

🇨🇳 124.223.79.152

🇨🇳 118.145.245.82

🇹🇭 117.121.214.50

🇷🇴 80.94.92.171

🇴🇲 62.61.161.186

🇺🇸 52.230.163.217

🇧🇷 45.162.8.14

🇸🇬 43.156.24.132

🇺🇸 35.230.70.99

🇺🇸 18.116.235.119

🇺🇸 13.87.230.203

🇵🇰 202.47.57.221

🇮🇳 182.95.189.206

🇺🇸 147.185.132.47

🇨🇳 116.179.32.133

🇧🇩 103.122.250.215