JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.38.252.13

209.38.252.13 was found in our database!

This IP was reported 170 times. Confidence of Abuse is 21%: ?

21%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Hostname(s)	grantshares-db-e8fa1726.mongo.ondigitalocean.com
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.38.252.13

Whois 209.38.252.13

IP Abuse Reports for 209.38.252.13:

This IP address has been reported a total of 170 times from 103 distinct sources. 209.38.252.13 was first reported on June 19th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (3 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 xmission.com	2026-06-02 19:18:42 (3 weeks ago)	Blocked by UFW (TCP on 3000) Source port: 61007 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 3000) Source port: 61007 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 209.38.252.13) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-02 18:19:05 (3 weeks ago)	tcp/10000	Port Scan
🇺🇸 RAP	2026-05-19 14:15:07 (1 month ago)	2026-05-19 14:15:07 UTC Unauthorized activity to TCP port 8088. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-05-19 13:52:10 (1 month ago)	tcp/7000	Port Scan
🇺🇸 MPL	2026-05-19 13:52:10 (1 month ago)	tcp ports: 7000,7777 (2 or more attempts)	Port Scan
Anonymous	2026-05-17 00:02:22 (1 month ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
Anonymous	2026-02-23 11:02:29 (4 months ago)	Large amount of failed SSH access attempts (brute-force)	Brute-Force SSH
🇫🇷 DNTV1	2026-02-22 02:57:36 (4 months ago)	SSH login many attempts failure	Brute-Force SSH
🇹🇷 rtbh.com.tr	2026-02-21 20:11:41 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇪🇸 gnom4ik	2026-02-21 07:11:33 (4 months ago)	ban-reviewer auto report; ip=209.38.252.13; scenario=crowdsecurity/ssh-slow-bf; verdict=valid_ban; c ... show more ban-reviewer auto report; ip=209.38.252.13; scenario=crowdsecurity/ssh-slow-bf; verdict=valid_ban; confidence=0.90; categories=14,15,18,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=26; kernel_events=0; signals=Multiple failed SSH authentication attempts with different usernames (admin, root); Pattern of repeated connection closed by invalid/authenticating user from same IP; High frequency of SSH-related events in short time window show less	Port Scan Hacking Brute-Force SSH
🇨🇭 Modules	2026-02-20 11:00:00 (4 months ago)	Cowrie honeypot: cowrie.session.connect, Protocol: ssh \| Cowrie honeypot: cowrie.session.closed, Pro ... show more Cowrie honeypot: cowrie.session.connect, Protocol: ssh \| Cowrie honeypot: cowrie.session.closed, Protocol: ssh \| Cowrie honeypot: cowrie.client.version, Protocol: ssh \| Cowrie honeypot: cowrie.client.kex, Protocol: ssh \| Cowrie honeypot: cowrie.login.success - user: root - password: root, Protocol: ssh \| Cowrie honeypot: cowrie.session.params, Protocol: ssh \| Cowrie honeypot: cowrie.command.input, Protocol: ssh \| Cowrie honeypot: cowrie.command.failed, Protocol: ssh \| Cowrie honeypot: cowrie.log.closed, Protocol: ssh (134 events, first: 2026-02-20T04:02:50.359Z, last: 2026-02-20T04:17:17.407Z) show less	Port Scan SSH
🇫🇷 pr0vieh	2026-02-20 07:19:51 (4 months ago)	2026-02-20T08:17:52.937051+01:00 Linux02 sshd[23840]: Failed password for invalid user developer fro ... show more 2026-02-20T08:17:52.937051+01:00 Linux02 sshd[23840]: Failed password for invalid user developer from 209.38.252.13 port 55834 ssh2 2026-02-20T08:18:30.294271+01:00 Linux02 sshd[25498]: Invalid user developer from 209.38.252.13 port 52114 2026-02-20T08:18:30.389557+01:00 Linux02 sshd[25498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.38.252.13 2026-02-20T08:18:32.745272+01:00 Linux02 sshd[25498]: Failed password for invalid user developer from 209.38.252.13 port 52114 ssh2 2026-02-20T08:19:08.421445+01:00 Linux02 sshd[26938]: Invalid user developer from 209.38.252.13 port 57120 2026-02-20T08:19:08.526586+01:00 Linux02 sshd[26938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.38.252.13 2026-02-20T08:19:10.768993+01:00 Linux02 sshd[26938]: Failed password for invalid user developer from 209.38.252.13 port 57120 ssh2 2026-02-20T08:19:48.443723+01:00 Linux02 sshd[28459]: Invalid user developer ... show less	Brute-Force SSH
🇷🇺 RuVeR	2026-02-20 07:18:42 (4 months ago)	2026-02-20T10:17:25.500709pantelemone.ru sshd[2770478]: Failed password for invalid user developer f ... show more 2026-02-20T10:17:25.500709pantelemone.ru sshd[2770478]: Failed password for invalid user developer from 209.38.252.13 port 38402 ssh2 2026-02-20T10:18:02.628887pantelemone.ru sshd[2770631]: Invalid user developer from 209.38.252.13 port 33116 2026-02-20T10:18:02.780870pantelemone.ru sshd[2770631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.38.252.13 2026-02-20T10:18:04.961585pantelemone.ru sshd[2770631]: Failed password for invalid user developer from 209.38.252.13 port 33116 ssh2 2026-02-20T10:18:41.513856pantelemone.ru sshd[2770736]: Invalid user developer from 209.38.252.13 port 33820 ... show less	Brute-Force SSH
🇫🇮 7jmt	2026-02-20 07:13:47 (4 months ago)	Feb 20 07:13:09 ubuntu-8gb-hel1-2 sshd[238456]: pam_unix(sshd:auth): authentication failure; logname ... show more Feb 20 07:13:09 ubuntu-8gb-hel1-2 sshd[238456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.38.252.13 Feb 20 07:13:10 ubuntu-8gb-hel1-2 sshd[238456]: Failed password for invalid user developer from 209.38.252.13 port 37484 ssh2 Feb 20 07:13:47 ubuntu-8gb-hel1-2 sshd[239541]: Invalid user developer from 209.38.252.13 port 33964 ... show less	Brute-Force SSH

Showing 1 to 15 of 170 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400e:c17::124

🇨🇳 222.176.200.40

🇬🇧 193.32.209.254

🇧🇷 177.72.87.7

🇨🇳 144.123.76.253

🇨🇭 140.238.217.124

🇨🇳 116.172.249.2

🇩🇪 87.120.84.66

🇿🇦 41.116.247.174

🇸🇬 4.194.1.91

🇲🇽 201.141.8.113

🇱🇹 185.2.228.48

🇧🇷 170.239.72.126

🇧🇷 143.95.214.121

🇮🇳 103.107.60.45

🇬🇧 45.133.173.49

🇺🇸 18.97.5.82

🇸🇬 8.222.188.200

🇨🇾 213.149.181.32

🇨🇳 182.138.158.137