JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.37.213.85

193.37.213.85 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Redcluster LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS44901
Domain Name	redcluster.net
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.37.213.85

Whois 193.37.213.85

IP Abuse Reports for 193.37.213.85:

This IP address has been reported a total of 35 times from 33 distinct sources. 193.37.213.85 was first reported on June 11th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Version Net	2026-06-13 10:56:02 (16 hours ago)	IPS Detection: Apache.HTTP.Server.cgi-bin.Path.Traversal	Hacking
🇺🇸 LotPhantom	2026-06-13 10:52:58 (17 hours ago)	2026-06-13T10:52:42.870064+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-13T10:52:42.870064+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=193.37.213.85 DST=157.230.217.55 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=57205 PROTO=TCP SPT=43410 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 2026-06-13T10:52:42.870087+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=193.37.213.85 DST=157.230.217.55 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=57205 PROTO=TCP SPT=43410 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇩🇪 ghostwarriors	2026-06-13 10:50:03 (17 hours ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇩🇪 BiancaNL	2026-06-13 10:41:39 (17 hours ago)	Fail2Ban: jail=sshd on <fqdn> (port=<port>)	Brute-Force
🇧🇾 lns.bz	2026-06-13 10:39:04 (17 hours ago)	SSH bruteforce [BY]	SSH
🇨🇦 marcelrobitaille.me	2026-06-13 10:36:25 (17 hours ago)	2026-06-13T10:32:17.776802+00:00 marcelrobitaille.me sshd-session[472253]: Invalid user admin from 1 ... show more 2026-06-13T10:32:17.776802+00:00 marcelrobitaille.me sshd-session[472253]: Invalid user admin from 193.37.213.85 port 50874 2026-06-13T10:32:48.661625+00:00 marcelrobitaille.me sshd-session[472258]: Invalid user orangepi from 193.37.213.85 port 60222 2026-06-13T10:36:25.080073+00:00 marcelrobitaille.me sshd-session[472287]: Invalid user test from 193.37.213.85 port 51352 ... show less	Brute-Force SSH
🇳🇱 gbzret4d	2026-06-13 10:32:25 (17 hours ago)	Blocked by CrowdSec. Scenario: crowdsecurity/ssh-slow-bf	Brute-Force SSH
🇹🇷 Threat.live	2026-06-13 10:30:02 (17 hours ago)	Threat.live: Brute Force	Brute-Force
🇺🇸 bigscoots.com	2026-06-13 10:29:09 (17 hours ago)	(sshd) Failed SSH login from 193.37.213.85 (BG/Bulgaria/-): 5 in the last 3600 secs; Ports: ; Direc ... show more (sshd) Failed SSH login from 193.37.213.85 (BG/Bulgaria/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Jun 13 05:27:52 14405 sshd[26393]: Invalid user admin from 193.37.213.85 port 48808 Jun 13 05:27:54 14405 sshd[26393]: Failed password for invalid user admin from 193.37.213.85 port 48808 ssh2 Jun 13 05:28:25 14405 sshd[26856]: Invalid user orangepi from 193.37.213.85 port 33092 Jun 13 05:28:27 14405 sshd[26856]: Failed password for invalid user orangepi from 193.37.213.85 port 33092 ssh2 Jun 13 05:28:58 14405 sshd[27014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.37.213.85 user=root show less	Brute-Force SSH
Anonymous	2026-06-13 10:21:37 (17 hours ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇭🇺 SaMU	2026-06-13 10:16:26 (17 hours ago)	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "admin" at 2026-06-13T10:16:26Z	Brute-Force SSH
🇯🇵 VXG-NET	2026-06-13 10:15:58 (17 hours ago)	port=80, indicator_type=code-execution	Hacking
🇫🇷 dynamix	2026-06-13 10:13:39 (17 hours ago)	Multiple WAF Violations	Web App Attack
🇧🇷 SOC-BR	2026-06-11 07:22:44 (2 days ago)	Attack detected by Fortinet - web_server: PHPUnit.Eval-stdin.PHP.Remote.Code.Execution - 2026-06-10 ... show more Attack detected by Fortinet - web_server: PHPUnit.Eval-stdin.PHP.Remote.Code.Execution - 2026-06-10 20:47:03 - Source Port 41110 show less	Port Scan Hacking
🇺🇸 SentinalX by uzumaru	2026-06-11 06:00:10 (2 days ago)	SSH brute-force detected: 9 failed login attempts in the last 1 hour.	Brute-Force SSH

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.71

🇧🇷 205.210.31.184

🇩🇪 185.249.74.198

🇩🇪 155.117.13.209

🇩🇰 96.0.24.240

🇧🇷 45.205.1.5

🇧🇪 35.241.175.97

🇨🇳 183.167.146.81

🇨🇳 117.89.254.46

🇨🇳 106.117.105.10

🇺🇸 82.24.134.101

🇫🇷 79.143.189.61

🇺🇸 64.62.197.204

🇻🇳 42.119.44.121

🇸🇬 35.247.162.47

🇬🇧 35.203.211.229

🇺🇸 216.180.246.224

🇻🇳 125.212.244.35

🇲🇲 103.59.163.133

🇹🇭 101.109.81.11