JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.22.147.89

193.22.147.89 was found in our database!

This IP was reported 115 times. Confidence of Abuse is 70%: ?

70%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2263258.contaboserver.net
Domain Name	contabo.com
Country	🇩🇪 Germany
City	Karlsruhe, Baden-Wurttemberg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.22.147.89

Whois 193.22.147.89

IP Abuse Reports for 193.22.147.89:

This IP address has been reported a total of 115 times from 17 distinct sources. 193.22.147.89 was first reported on September 11th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 eduardomelendezjr	2026-06-06 05:39:21 (4 hours ago)	Rule : RDP Rule: RDP Event: RDP UserAccount : administrator S-1-0-0 - - 0x0 S-1-0-0 administrator ... show more Rule : RDP Rule: RDP Event: RDP UserAccount : administrator S-1-0-0 - - 0x0 S-1-0-0 administrator VMI2263258 0xc000006d %#13 0xc000006a 3 NtLmSsp NTLM VMI2263258 - - 0 0x0 - 193.22.147.89 0 show less	SSH Brute-Force
🇪🇸 el-brujo	2026-06-06 03:02:49 (7 hours ago)	06/06/2026-05:02:48.846818 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Serv ... show more 06/06/2026-05:02:48.846818 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
🇬🇧 knock	2026-06-06 02:04:05 (8 hours ago)	Knock-Knock honeypot brute-force: RDP (64 total hits)	Brute-Force
🇺🇸 cwytech	2026-06-06 01:09:29 (8 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Hacking
🇳🇱 knock	2026-06-05 18:45:08 (15 hours ago)	Knock-Knock honeypot brute-force: RDP (67 total hits)	Brute-Force
🇪🇸 el-brujo	2026-06-05 18:02:33 (16 hours ago)	06/05/2026-20:02:33.582401 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Serv ... show more 06/05/2026-20:02:33.582401 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
🇺🇸 ShadowWhisperer	2026-06-05 14:39:30 (19 hours ago)	RDP credential attempt.	Brute-Force Hacking
🇨🇭 TOCE	2026-06-05 13:56:03 (20 hours ago)	12 hits seen on 2026-06-05, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇪🇸 el-brujo	2026-06-05 08:50:43 (1 day ago)	06/05/2026-10:50:42.956483 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Serv ... show more 06/05/2026-10:50:42.956483 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
🇳🇱 knock	2026-06-05 00:31:35 (1 day ago)	Knock-Knock honeypot brute-force: RDP (61 total hits)	Brute-Force
🇬🇧 knock	2026-06-04 22:51:01 (1 day ago)	Knock-Knock honeypot brute-force: RDP (56 total hits)	Brute-Force
🇨🇭 TOCE	2026-06-04 19:37:22 (1 day ago)	16 hits seen on 2026-06-04, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇪🇸 el-brujo	2026-06-04 14:38:12 (1 day ago)	06/04/2026-16:38:12.187552 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Serv ... show more 06/04/2026-16:38:12.187552 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
🇺🇸 ShadowWhisperer	2026-06-04 11:14:29 (1 day ago)	RDP credential attempt.	Brute-Force Hacking
🇪🇸 el-brujo	2026-06-04 05:16:58 (2 days ago)	06/04/2026-07:16:58.020162 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Serv ... show more 06/04/2026-07:16:58.020162 193.22.147.89 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking

Showing 1 to 15 of 115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 129.227.75.98

🇺🇸 20.80.83.148

🇻🇳 14.232.222.111

🇧🇴 181.188.176.242

🇳🇱 176.65.139.233

🇪🇬 156.196.174.21

🇺🇸 138.68.228.4

🇷🇴 92.118.39.236

🇩🇪 78.47.214.40

🇸🇦 46.152.120.209

🇸🇪 46.59.97.98

🇺🇸 18.144.7.106

🇺🇸 5.78.205.169

🇷🇺 213.180.203.2

🇩🇪 193.124.20.243

🇳🇱 176.65.139.231

🇩🇪 139.59.208.49

🇮🇳 103.214.232.198

🇺🇸 66.132.186.209

🇯🇵 52.194.236.59