JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.169.194.61

193.169.194.61 was found in our database!

This IP was reported 393 times. Confidence of Abuse is 100%: ?

100%

ISP	SIA GOOD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214576
Domain Name	goodtec.lv
Country	🇩🇪 Germany
City	Bocholt, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.169.194.61

Whois 193.169.194.61

IP Abuse Reports for 193.169.194.61:

This IP address has been reported a total of 393 times from 149 distinct sources. 193.169.194.61 was first reported on May 11th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 micropedro	2026-06-08 23:30:27 (2 weeks ago)	4 incidents: malicious activity. First: 2026-06-01 18:30, Last: 2026-06-08 19:30 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-06-01 18:30, Last: 2026-06-08 19:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇷🇺 Agrohim	2026-05-31 00:03:06 (3 weeks ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇺🇸 micropedro	2026-05-25 21:30:33 (4 weeks ago)	3 incidents: malicious activity. First: 2026-05-11 16:05, Last: 2026-05-25 17:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-11 16:05, Last: 2026-05-25 17:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-05-25 21:30:33 (4 weeks ago)	4 incidents: malicious activity. First: 2026-05-18 16:30, Last: 2026-05-25 17:30 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-05-18 16:30, Last: 2026-05-25 17:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇫🇮 GamesGames	2026-05-18 07:11:59 (1 month ago)	SSH login attempts	Brute-Force SSH
🇷🇴 /dev/null	2026-05-16 22:48:26 (1 month ago)	RouterOS: Portscanner detected.	Port Scan Brute-Force
🇨🇳 ThreatBook.io	2026-05-15 23:28:23 (1 month ago)	ThreatBook Intelligence: http_proxy,Spam more details on https://threatbook.io/ip/193.169.194.61	SSH
🇨🇭 SOC [GOLINE SA]	2026-05-15 08:27:50 (1 month ago)	IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 269 === ATTACK === Signature: ... show more IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 269 === ATTACK === Signature: ET CINS Active Threat Intelligence Poor Reputation IP group 269 \| SID: 2403568 \| Severity: 2 \| Category: Misc Attack === SOURCE === IP: 193.169.194.61 (IPv4) \| Port: 57675 \| Country: United Kingdom \| ISP: LV-GOODTEC-20240222 \| rDNS: None === TARGET === Host: lilys.ch \| IP: 185.54.81.50 \| Port: 22 \| Protocol: TCP \| App: N/A === RESPONSE === Time: 2026-05-15 10:27:49 \| Action: Blocked show less	Exploited Host Hacking
🇩🇪 phil2k	2026-05-15 01:24:47 (1 month ago)	portscan on multiple TCP ports : Firewall: Within 2026-05-11 20:38:04 - 2026-05-12 00:14:52 CEST(+02 ... show more portscan on multiple TCP ports : Firewall: Within 2026-05-11 20:38:04 - 2026-05-12 00:14:52 CEST(+0200) identified: unallowed access from 193.169.194.61/32 on uncommon port/s: 1433(ms-sql-s),8291(tcp:8291) (2 trials) Fail2ban: Within 2026-05-11 20:38:04 - 2026-05-12 00:15:21 CEST(+0200) banned: 9 times by fail2ban[firewall]; 9 times by fail2ban[recidive] show less	Port Scan
🇧🇾 StatsMe	2026-05-14 21:21:47 (1 month ago)	2026-05-14T01:44:04.474465+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇺🇸 donarev419	2026-05-14 06:57:14 (1 month ago)	Connection to port 8728 with data transfer. Data preview: /login=name=admin=password=123456	Port Scan Hacking
🇺🇸 donarev419	2026-05-14 05:55:46 (1 month ago)	Connection to port 8728 with data transfer. Data preview: /login=name=admin=password=qwerty	Port Scan Hacking
🇨🇭 SOC [GOLINE SA]	2026-05-14 04:15:05 (1 month ago)	[RoutePulse \| 2026-05-14T04:15:05Z \| RTBH-INJECTED] ATTACK CLASS: behavioral SOURCE: 193.169.194.61 ... show more [RoutePulse \| 2026-05-14T04:15:05Z \| RTBH-INJECTED] ATTACK CLASS: behavioral SOURCE: 193.169.194.61 · AS214576 Berdiev Ruslan Mukhabatovich · United Kingdom EVIDENCE: This IP has a threat score of 98 with 100% AbuseIPDB abuse score across 19 reports, actively scanning 47 unique targets across multiple ports including RDP (3389), SSH (22), VNC (5900), SMB (445), and WinRM (5985) — a confirmed multi-vector INTEL: AbuseIPDB 100% \| feeds: Wazuh SIEM — Wazuh Threat Intel (built-in TI enrichment),AbuseIPDB_IP_Blacklist,Wazuh SIEM — Suricata IDS,Spamhaus DROP (28) \| RoutePulse score 98/100 CONVICTION: Tier 4, LLR 1.01 (multi-source SPRT) MITRE: T1071 Application Layer Protocol DETECTION: Conviction Engine SPRT + 18-model ML ensemble + 5-pillar threat scoring ACTION: BGP null route injected at RoutePulse network edge show less	Hacking
🇺🇸 MPL	2026-05-14 01:31:53 (1 month ago)	tcp/9050 (2 or more attempts)	Port Scan
🇳🇱 COMPLEX	2026-05-14 01:21:23 (1 month ago)	Unsolicited TCP traffic \| Action: DROP \| Port 9050	Brute-Force

Showing 1 to 15 of 393 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.129.37.92

🇫🇷 185.210.205.92

🇺🇸 172.236.123.208

🇩🇿 129.45.84.205

🇨🇳 118.145.111.55

🇳🇱 91.92.40.10

🇷🇴 80.94.92.55

🇺🇸 64.62.195.158

🇬🇧 37.10.113.215

🇬🇧 35.203.210.195

🇬🇧 35.203.210.65

🇺🇸 2600:1f10:4310:fa00:405f:1982:610b:13de

🇺🇸 167.99.106.254

🇫🇮 135.181.182.250

🇰🇿 95.59.142.69

🇺🇸 45.156.129.80

🇧🇷 45.70.167.175

🇺🇸 20.171.8.150

🇮🇶 194.127.108.235

🇳🇱 185.93.89.154