JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.138.218.217

193.138.218.217 was found in our database!

This IP was reported 705 times. Confidence of Abuse is 90%: ?

90%

ISP	31173 Services AB infrastructure in Malmo, Sweden.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇸🇪 Sweden
City	Malmo, Skane

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.138.218.217

Whois 193.138.218.217

IP Abuse Reports for 193.138.218.217:

This IP address has been reported a total of 705 times from 245 distinct sources. 193.138.218.217 was first reported on April 3rd 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-18 16:48:56 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇷🇴 gtheo99	2026-06-18 03:17:22 (2 days ago)	(sshd) Failed SSH login from 193.138.218.217 (SE/Sweden/-): 2 in the last 900 secs	SSH Brute-Force
🇺🇸 mfilser	2026-06-16 23:58:43 (3 days ago)	2026-06-17T01:58:40.660608+02:00 my-vps sshd[88924]: pam_unix(sshd:auth): authentication failure; lo ... show more 2026-06-17T01:58:40.660608+02:00 my-vps sshd[88924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.138.218.217 2026-06-17T01:58:42.309096+02:00 my-vps sshd[88924]: Failed password for invalid user pacote from 193.138.218.217 port 50702 ssh2 ... show less	Brute-Force SSH
🇺🇸 mnsf	2026-06-16 00:23:25 (4 days ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:27:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:27:43.580742 2026] [security2:error] [pid 13961:tid 13961] [client 193.138.218.217:59416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dianogah.com"] [uri "/.git/index"] [unique_id "ajCKb3IWA7iXo0EI06DC1QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 22:23:10 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 18:23:05.041925 2026] [security2:error] [pid 14317:tid 14317] [client 193.138.218.217:35046] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkdull.org"] [uri "/.git/index"] [unique_id "ajB7ScCiWxFZVLydOJ8kFAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-15 22:08:08 (4 days ago)	Probing for .git: 193.138.218.217 - - [16/Jun/2026:00:08:04 +0200] "GET /.git/index HTTP/2.0" 403 14 ... show more Probing for .git: 193.138.218.217 - - [16/Jun/2026:00:08:04 +0200] "GET /.git/index HTTP/2.0" 403 146 "-" "moving-to-bins/1.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 20:43:28 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:43:22.801413 2026] [security2:error] [pid 23451:tid 23451] [client 193.138.218.217:55538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "assistfeed.com"] [uri "/.git/index"] [unique_id "ajBj6r4ejdiFAwzAc4C-qgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Major Hostility	2026-06-15 20:11:19 (4 days ago)	"GET /.git/index HTTP/1.1" 404 "GET /.git/index HTTP/1.1" 404	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 20:07:26 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 193.138.218.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:07:18.733607 2026] [security2:error] [pid 9807:tid 9849] [client 193.138.218.217:52632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/.git/index"] [unique_id "ajBbdqiUdfrcq3QZnsBpuQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇮 NoaQT	2026-06-15 17:55:04 (4 days ago)	2026-06-15T19:55:01.696241+02:00 asdeby sshd-session[1409268]: pam_unix(sshd:auth): authentication f ... show more 2026-06-15T19:55:01.696241+02:00 asdeby sshd-session[1409268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.138.218.217 2026-06-15T19:55:03.927515+02:00 asdeby sshd-session[1409268]: Failed password for invalid user acs from 193.138.218.217 port 33376 ssh2 2026-06-15T19:55:04.083712+02:00 asdeby sshd-session[1409268]: Disconnected from invalid user acs 193.138.218.217 port 33376 [preauth] ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-15 12:16:57 (4 days ago)	193.138.218.217 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ... show more 193.138.218.217 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 15 06:58:56 15660 sshd[9940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.32.248.135 user=root Jun 15 06:58:58 15660 sshd[9940]: Failed password for root from 193.32.248.135 port 44032 ssh2 Jun 15 07:16:44 15660 sshd[20462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.222.213 user=root Jun 15 07:03:26 15660 sshd[12688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.138.218.217 user=root Jun 15 07:03:28 15660 sshd[12688]: Failed password for root from 193.138.218.217 port 53286 ssh2 IP Addresses Blocked: 193.32.248.135 (DE/Germany/-) 79.127.222.213 (US/United States/unn-79-127-222-213.datapacket.com) show less	Brute-Force SSH
🇩🇪 Viveronese	2026-06-15 12:03:23 (4 days ago)	SSH brute force attacks	Brute-Force SSH
🇩🇪 CELOS-SOC	2026-06-14 00:31:31 (6 days ago)	Multiple Unauthorized SSLVPN Login Attempts	Hacking Brute-Force
🇩🇪 CELOS-SOC	2026-06-12 20:31:53 (1 week ago)	Multiple Unauthorized SSLVPN Login Attempts	Hacking Brute-Force

Showing 1 to 15 of 705 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.40

🇺🇸 147.185.132.174

🇮🇳 123.253.162.254

🇩🇪 69.5.169.122

🇺🇸 23.251.114.152

🇰🇷 113.131.183.17

🇨🇳 111.32.153.180

🇺🇸 99.92.204.98

🇦🇪 217.165.14.23

🇦🇹 213.225.9.147

🇺🇸 162.216.150.247

🇮🇳 152.59.84.227

🇺🇸 135.237.127.112

🇩🇪 107.150.117.219

🇮🇳 103.163.44.10

🇧🇬 91.191.209.98

🇺🇸 66.132.172.192

🇺🇸 23.251.114.155

🇸🇬 23.111.14.183

🇺🇸 20.221.72.241