JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.209.196.139

185.209.196.139 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 73%: ?

73%

ISP	31173 Services AB infrastructure in Frankfurt, DE.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.209.196.139

Whois 185.209.196.139

IP Abuse Reports for 185.209.196.139:

This IP address has been reported a total of 95 times from 68 distinct sources. 185.209.196.139 was first reported on October 13th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-06-18 22:26:21 (4 days ago)	185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; ... show more 185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 18 17:26:13 18149 sshd[17692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 user=root Jun 18 17:26:15 18149 sshd[17692]: Failed password for root from 185.209.196.139 port 33110 ssh2 Jun 18 17:20:20 18149 sshd[14489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.156 user=root Jun 18 17:20:23 18149 sshd[14489]: Failed password for root from 185.209.196.156 port 43002 ssh2 Jun 18 17:25:24 18149 sshd[17189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.164.194.33 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇨🇿 lp	2026-06-17 04:49:22 (6 days ago)	SSH Brute force: 1 attempts were recorded from 185.209.196.139 2026-06-17T06:16:38+02:00 Invalid use ... show more SSH Brute force: 1 attempts were recorded from 185.209.196.139 2026-06-17T06:16:38+02:00 Invalid user dima from 185.209.196.139 port 53270 show less	Brute-Force SSH
🇬🇧 aug42	2026-06-17 04:16:48 (6 days ago)	2026-06-17T07:16:47.779923+03:00 nexus6 sshd[1493122]: Invalid user dima from 185.209.196.139 port 5 ... show more 2026-06-17T07:16:47.779923+03:00 nexus6 sshd[1493122]: Invalid user dima from 185.209.196.139 port 55394 ... show less	Brute-Force SSH
🇸🇬 Rado C	2026-06-16 19:28:56 (6 days ago)	Jun 16 19:28:54 ub-singapore-ipsec sshd[3071306]: pam_unix(sshd:auth): authentication failure; logna ... show more Jun 16 19:28:54 ub-singapore-ipsec sshd[3071306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 Jun 16 19:28:55 ub-singapore-ipsec sshd[3071306]: Failed password for invalid user webapp from 185.209.196.139 port 49910 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-15 10:43:41 (1 week ago)	SSH Brute Force (3 attempts). Evidence: sshd:auth): authentication failure; logname= uid=0 euid=0 tt ... show more SSH Brute Force (3 attempts). Evidence: sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139;sshd[296294]: Failed password for invalid user newtest from 185.209.196.139 port 52582 ssh2 show less	Brute-Force SSH
🇬🇧 yvoictra	2026-06-13 18:10:29 (1 week ago)	2026-06-13T20:10:29.273517+02:00 geneba sshd-session[335714]: Invalid user jake from 185.209.196.139 ... show more 2026-06-13T20:10:29.273517+02:00 geneba sshd-session[335714]: Invalid user jake from 185.209.196.139 port 47922 ... show less	Brute-Force SSH
🇩🇪 evilrave	2026-06-12 20:31:02 (1 week ago)	2026-06-12T20:31:01.963786+00:00 [REDACTED_HOSTNAME] sshd-session[3825066]: Disconnected from authen ... show more 2026-06-12T20:31:01.963786+00:00 [REDACTED_HOSTNAME] sshd-session[3825066]: Disconnected from authenticating user root 185.209.196.139 port 46310 [preauth] ... show less	Port Scan Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-11 18:55:35 (1 week ago)	185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; ... show more 185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 11 13:55:19 17546 sshd[4425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.156.46.162 user=root Jun 11 13:44:58 17546 sshd[32738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.60.40.201 user=root Jun 11 13:45:01 17546 sshd[32738]: Failed password for root from 92.60.40.201 port 41664 ssh2 Jun 11 13:51:57 17546 sshd[3009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 user=root Jun 11 13:51:59 17546 sshd[3009]: Failed password for root from 185.209.196.139 port 58918 ssh2 IP Addresses Blocked: 185.156.46.162 (US/United States/unn-185-156-46-162.datapacket.com) 92.60.40.201 (NL/The Netherlands/-) show less	Brute-Force SSH
Anonymous	2026-06-11 11:16:56 (1 week ago)	2026-06-11T13:16:53.917259 localhost.localdomain sshd-session[35887]: pam_unix(sshd:auth): authentic ... show more 2026-06-11T13:16:53.917259 localhost.localdomain sshd-session[35887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 2026-06-11T13:16:55.713407 localhost.localdomain sshd-session[35887]: Failed password for invalid user jeff from 185.209.196.139 port 47496 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-10 23:25:25 (1 week ago)	2026-06-11T01:25:56.297530+02:00 vps575891 sshd[3893298]: pam_unix(sshd:auth): authentication failur ... show more 2026-06-11T01:25:56.297530+02:00 vps575891 sshd[3893298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 2026-06-11T01:25:57.700064+02:00 vps575891 sshd[3893298]: Failed password for invalid user louise from 185.209.196.139 port 50204 ssh2 2026-06-11T01:25:57.787590+02:00 vps575891 sshd[3893298]: Disconnected from invalid user louise 185.209.196.139 port 50204 [preauth] ... show less	Brute-Force SSH
Anonymous	2026-06-10 19:03:28 (1 week ago)	Jun 10 19:03:26 f2b auth.info sshd[1247843]: Invalid user ts3server from 185.209.196.139 port 57588 ... show more Jun 10 19:03:26 f2b auth.info sshd[1247843]: Invalid user ts3server from 185.209.196.139 port 57588 Jun 10 19:03:26 f2b auth.info sshd[1247843]: Failed password for invalid user ts3server from 185.209.196.139 port 57588 ssh2 Jun 10 19:03:26 f2b auth.info sshd[1247843]: Disconnected from invalid user ts3server 185.209.196.139 port 57588 [preauth] ... show less	Brute-Force SSH
🇬🇧 aorth	2026-06-08 21:38:57 (2 weeks ago)	Jun 08 22:38:57 Invalid user gustavo from 185.209.196.139 port 33758	Brute-Force SSH
🇯🇵 demonsword	2026-06-07 10:02:02 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.ipify.org:443 show less	Open Proxy Port Scan
🇩🇪 nicosqc	2026-06-05 06:39:17 (2 weeks ago)	Invalid user github from 185.209.196.139 port 57388	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-04 14:06:40 (2 weeks ago)	185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; ... show more 185.209.196.139 (DE/Germany/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 4 08:35:27 15370 sshd[20765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.217.53 user=root Jun 4 08:35:29 15370 sshd[20765]: Failed password for root from 79.127.217.53 port 57746 ssh2 Jun 4 09:01:36 15370 sshd[1661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.24.11.173 user=root Jun 4 09:01:37 15370 sshd[1661]: Failed password for root from 185.24.11.173 port 44438 ssh2 Jun 4 09:06:32 15370 sshd[4225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.209.196.139 user=root IP Addresses Blocked: 79.127.217.53 (US/United States/unn-79-127-217-53.datapacket.com) 185.24.11.173 (AT/Austria/unn-185-24-11-173.datapacket.com) show less	Brute-Force SSH

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 103.143.72.165

🇲🇻 43.247.143.223

🇷🇴 2.57.121.112

🇮🇩 202.145.0.61

🇬🇧 193.176.29.28

🇧🇷 189.15.10.179

🇨🇴 179.33.186.150

🇩🇪 167.94.146.60

🇺🇸 147.185.132.18

🇸🇬 142.91.102.186

🇩🇪 134.122.93.100

🇨🇳 116.179.32.36

🇮🇳 103.91.246.73

🇬🇧 92.41.231.154

🇷🇴 80.94.92.171

🇺🇸 64.62.156.224

🇷🇴 2.57.122.238

🇳🇱 212.8.242.38

🇨🇳 180.76.179.77

🇰🇷 121.169.119.154