This IP address has been reported a total of
208
times from
85 distinct
sources.
185.213.154.209 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
185.213.154.209 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ...
show more185.213.154.209 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 12 13:46:11 17345 sshd[11315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.213.154.209 user=root
Jun 12 13:46:13 17345 sshd[11315]: Failed password for root from 185.213.154.209 port 51076 ssh2
Jun 12 14:06:52 17345 sshd[20724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.127.182.174 user=root
Jun 12 13:44:03 17345 sshd[10151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.32.248.135 user=root
Jun 12 13:44:05 17345 sshd[10151]: Failed password for root from 193.32.248.135 port 51310 ssh2
IP Addresses Blocked:
show less
2026-06-11T23:43:16.377687+00:00 vps-201 sshd[3555603]: Invalid user odoo from 185.213.154.209 port ...
show more2026-06-11T23:43:16.377687+00:00 vps-201 sshd[3555603]: Invalid user odoo from 185.213.154.209 port 43926
...
show less
2026-06-09T03:10:08.709176+03:00 vatnik sshd[140731]: Invalid user yuhan from 185.213.154.209 port 5 ...
show more2026-06-09T03:10:08.709176+03:00 vatnik sshd[140731]: Invalid user yuhan from 185.213.154.209 port 51576
...
show less
Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-03T07:21:09Z and 2026-06-0 ...
show moreCowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-03T07:21:09Z and 2026-06-03T08:04:35Z
show less
185.213.154.209 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ...
show more185.213.154.209 (SE/Sweden/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 3 02:19:49 15541 sshd[15349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.213.154.209 user=root
Jun 3 02:19:52 15541 sshd[15349]: Failed password for root from 185.213.154.209 port 33894 ssh2
Jun 3 02:22:31 15541 sshd[16729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.19.200.136 user=root
Jun 3 02:11:09 15541 sshd[11226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.65.135.248 user=root
Jun 3 02:11:11 15541 sshd[11226]: Failed password for root from 185.65.135.248 port 39772 ssh2
IP Addresses Blocked:
show less
May 27 15:41:44 vps-07b0f6cf sshd[3996261]: Invalid user david from 185.213.154.209 port 53790
May 2 ...
show moreMay 27 15:41:44 vps-07b0f6cf sshd[3996261]: Invalid user david from 185.213.154.209 port 53790
May 27 15:47:06 vps-07b0f6cf sshd[3996320]: Invalid user develop from 185.213.154.209 port 37936
...
show less
Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-27T12:59:10Z and 2026-05-2 ...
show moreCowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-27T12:59:10Z and 2026-05-27T13:39:11Z
show less
Brute-Force
SSH
Showing 1 to
15
of 208 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ