JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 174.138.89.209

174.138.89.209 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 174.138.89.209

Whois 174.138.89.209

IP Abuse Reports for 174.138.89.209:

This IP address has been reported a total of 29 times from 24 distinct sources. 174.138.89.209 was first reported on June 9th 2026, and the most recent report was 57 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-09 15:30:09 (57 minutes ago)	SSH abuse or brute-force attack detected by Fail2Ban in ssh jail	Brute-Force SSH
🇳🇱 DrLex0	2026-06-09 14:45:05 (1 hour ago)	2026-06-09T14:03:04.592430+00:00 [host] sshd[148525]: Invalid user bitcoind from 174.138.89.209 port ... show more 2026-06-09T14:03:04.592430+00:00 [host] sshd[148525]: Invalid user bitcoind from 174.138.89.209 port 36812 2026-06-09T14:31:04.764399+00:00 [host] sshd[148903]: User root from 174.138.89.209 not allowed because not listed in AllowUsers 2026-06-09T14:45:04.875748+00:00 [host] sshd[149034]: User root from 174.138.89.209 not allowed because not listed in AllowUsers show less	Brute-Force SSH
🇺🇸 vandomatos	2026-06-09 14:31:44 (1 hour ago)	Jun 9 07:31:37 servidor sshd[3144027]: Invalid user postgres from 174.138.89.209 port 47876 Jun 9 ... show more Jun 9 07:31:37 servidor sshd[3144027]: Invalid user postgres from 174.138.89.209 port 47876 Jun 9 07:31:39 servidor sshd[3144027]: Failed password for invalid user postgres from 174.138.89.209 port 47876 ssh2 Jun 9 07:31:41 servidor sshd[3144027]: Connection closed by invalid user postgres 174.138.89.209 port 47876 [preauth] ... show less	Brute-Force SSH
🇬🇧 djboddington	2026-06-09 13:28:30 (2 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/ssh-bf	SSH Brute-Force
🇺🇸 bigscoots.com	2026-06-09 13:02:01 (3 hours ago)	174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 s ... show more 174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 08:01:35 14157 sshd[32681]: Failed password for root from 103.171.69.222 port 53800 ssh2 Jun 9 08:01:45 14157 sshd[306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.249.63.80 user=root Jun 9 08:01:14 14157 sshd[32631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 user=root Jun 9 08:01:16 14157 sshd[32631]: Failed password for root from 174.138.89.209 port 52390 ssh2 Jun 9 08:01:32 14157 sshd[32681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.171.69.222 user=root IP Addresses Blocked: 103.171.69.222 (BD/Bangladesh/-) 173.249.63.80 (DE/Germany/vmi2700877.contaboserver.net) show less	Brute-Force SSH
Anonymous	2026-06-09 12:02:32 (4 hours ago)	SSH tarpit (endlessh) connection from 174.138.89.209	Brute-Force SSH
🇩🇪 Viveronese	2026-06-09 11:47:16 (4 hours ago)	SSH brute force attacks	Brute-Force SSH
🇬🇧 Mendip_Defender	2026-06-09 11:45:55 (4 hours ago)	Jun 9 12:45:49 jackstringer sshd[738291]: Invalid user deploy from 174.138.89.209 port 60492 Jun 9 ... show more Jun 9 12:45:49 jackstringer sshd[738291]: Invalid user deploy from 174.138.89.209 port 60492 Jun 9 12:45:49 jackstringer sshd[738291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 Jun 9 12:45:50 jackstringer sshd[738291]: Failed password for invalid user deploy from 174.138.89.209 port 60492 ssh2 ... show less	Brute-Force SSH
🇸🇮 NoaQT	2026-06-09 11:37:05 (4 hours ago)	2026-06-09T13:37:01.996845+02:00 asdeby sshd-session[460587]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-09T13:37:01.996845+02:00 asdeby sshd-session[460587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 user=root 2026-06-09T13:37:04.081558+02:00 asdeby sshd-session[460587]: Failed password for root from 174.138.89.209 port 51518 ssh2 2026-06-09T13:37:04.832962+02:00 asdeby sshd-session[460587]: Connection closed by authenticating user root 174.138.89.209 port 51518 [preauth] ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-09 11:28:36 (4 hours ago)	174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [tomcat] in the last 3600 ... show more 174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [tomcat] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 06:28:17 14253 sshd[15902]: Invalid user tomcat from 62.171.177.192 port 40582 Jun 9 06:27:17 14253 sshd[15392]: Invalid user tomcat from 139.59.138.20 port 55286 Jun 9 06:27:19 14253 sshd[15392]: Failed password for invalid user tomcat from 139.59.138.20 port 55286 ssh2 Jun 9 06:27:46 14253 sshd[15547]: Invalid user tomcat from 174.138.89.209 port 58492 Jun 9 06:27:48 14253 sshd[15547]: Failed password for invalid user tomcat from 174.138.89.209 port 58492 ssh2 IP Addresses Blocked: 62.171.177.192 (DE/Germany/vmi1628877.contaboserver.net) 139.59.138.20 (DE/Germany/-) show less	Brute-Force SSH
🇸🇮 NoaQT	2026-06-09 10:29:04 (5 hours ago)	2026-06-09T12:29:00.816428+02:00 asdeby sshd-session[421218]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-09T12:29:00.816428+02:00 asdeby sshd-session[421218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 2026-06-09T12:29:02.798273+02:00 asdeby sshd-session[421218]: Failed password for invalid user exchange from 174.138.89.209 port 40038 ssh2 2026-06-09T12:29:03.632007+02:00 asdeby sshd-session[421218]: Connection closed by invalid user exchange 174.138.89.209 port 40038 [preauth] ... show less	Brute-Force SSH
🇮🇹 Giacomo Mondino	2026-06-09 10:11:29 (6 hours ago)	Jun 9 10:11:29 server sshd[400615]: Invalid user postgres from 174.138.89.209 port 55092 Jun 9 10: ... show more Jun 9 10:11:29 server sshd[400615]: Invalid user postgres from 174.138.89.209 port 55092 Jun 9 10:11:29 server sshd[400615]: Failed password for invalid user postgres from 174.138.89.209 port 55092 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-09 09:04:49 (7 hours ago)	174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 s ... show more 174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 04:04:10 17642 sshd[19540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.76.0 user=root Jun 9 04:04:12 17642 sshd[19540]: Failed password for root from 49.12.76.0 port 57190 ssh2 Jun 9 04:02:40 17642 sshd[18858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.232.196 user=root Jun 9 04:02:43 17642 sshd[18858]: Failed password for root from 161.35.232.196 port 53472 ssh2 Jun 9 04:04:39 17642 sshd[19656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 user=root IP Addresses Blocked: 49.12.76.0 (DE/Germany/static.0.76.12.49.clients.your-server.de) 161.35.232.196 (US/United States/ubuntu-s-2vcpu-siforon.com) show less	Brute-Force SSH
🇩🇪 Phenix Info	2026-06-09 08:52:01 (7 hours ago)	SmallGuard.fr/SSH Login Failed	Brute-Force
🇺🇸 bigscoots.com	2026-06-09 08:49:10 (7 hours ago)	174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 s ... show more 174.138.89.209 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 03:48:15 14098 sshd[2862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.89.209 user=root Jun 9 03:48:18 14098 sshd[2862]: Failed password for root from 174.138.89.209 port 57990 ssh2 Jun 9 03:47:49 14098 sshd[2436]: Failed password for root from 154.3.39.132 port 53426 ssh2 Jun 9 03:48:48 14098 sshd[3016]: Failed password for root from 173.249.63.80 port 37462 ssh2 Jun 9 03:48:46 14098 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.249.63.80 user=root IP Addresses Blocked: show less	Brute-Force SSH

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 43.156.78.118

🇨🇳 223.84.193.208

🇺🇿 213.230.93.96

🇷🇺 213.108.187.99

🇩🇪 193.124.20.226

🇷🇺 193.25.189.29

🇰🇿 188.247.213.2

🇮🇳 154.84.242.115

🇺🇸 107.150.98.168

🇦🇪 94.59.211.169

🇮🇱 85.250.51.12

🇺🇿 84.54.73.195

🇲🇷 41.188.108.150

🇺🇸 35.223.94.180

🇺🇸 35.202.43.75

🇩🇪 213.209.159.236

🇧🇷 200.215.226.168

🇺🇸 192.3.64.210

🇺🇿 185.213.230.203

🇰🇿 178.91.136.197