JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.199.56.92

213.199.56.92 was found in our database!

This IP was reported 198 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2901849.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.199.56.92

Whois 213.199.56.92

IP Abuse Reports for 213.199.56.92:

This IP address has been reported a total of 198 times from 148 distinct sources. 213.199.56.92 was first reported on March 26th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-13 04:17:12 (1 week ago)	Wordpress malicious attack:[sshd]	Web App Attack
🇺🇸 bigscoots.com	2026-06-13 01:08:48 (1 week ago)	213.199.56.92 (DE/Germany/vmi2901849.contaboserver.net), 5 distributed sshd attacks on account [root ... show more 213.199.56.92 (DE/Germany/vmi2901849.contaboserver.net), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 12 19:44:42 14238 sshd[13023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.232.118 user=root Jun 12 19:44:44 14238 sshd[13023]: Failed password for root from 202.29.232.118 port 33932 ssh2 Jun 12 19:39:10 14238 sshd[9865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.199.56.92 user=root Jun 12 19:39:13 14238 sshd[9865]: Failed password for root from 213.199.56.92 port 59684 ssh2 Jun 12 20:08:42 14238 sshd[27442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.240.87.244 user=root IP Addresses Blocked: 202.29.232.118 (TH/Thailand/-) show less	Brute-Force SSH
Anonymous	2026-06-13 00:42:45 (1 week ago)	...	Brute-Force SSH
🇦🇹 hserv	2026-06-13 00:05:57 (1 week ago)	2026-06-13T00:51:24.288161+02:00 chnode1 wings[2307]: WARN: [Jun 13 00:51:24.287] failed to validat ... show more 2026-06-13T00:51:24.288161+02:00 chnode1 wings[2307]: WARN: [Jun 13 00:51:24.287] failed to validate user credentials (invalid format) ip=213.199.56.92:37380 method=password subsystem=sftp username=root 2026-06-13T01:15:54.893989+02:00 chnode1 wings[2307]: WARN: [Jun 13 01:15:54.893] failed to validate user credentials (invalid format) ip=213.199.56.92:35872 method=password subsystem=sftp username=root 2026-06-13T02:05:56.671692+02:00 chnode1 wings[2307]: WARN: [Jun 13 02:05:56.671] failed to validate user credentials (invalid format) ip=213.199.56.92:49098 method=password subsystem=sftp username=root ... show less	FTP Brute-Force Brute-Force
🇩🇪 BlackSl1de	2026-06-12 23:42:13 (1 week ago)	Banned by Fail2Ban on SSH	Brute-Force
🇿🇦 voolik.com	2026-06-12 23:06:49 (1 week ago)	2026-06-13T00:38:47.968842+02:00 bla016-truserv-jhb1-001 sshd[17245]: refused connect from 213.199.5 ... show more 2026-06-13T00:38:47.968842+02:00 bla016-truserv-jhb1-001 sshd[17245]: refused connect from 213.199.56.92 (213.199.56.92) 2026-06-13T00:46:18.595454+02:00 bla016-truserv-jhb1-001 sshd[37724]: refused connect from 213.199.56.92 (213.199.56.92) 2026-06-13T00:59:50.425800+02:00 bla016-truserv-jhb1-001 sshd[73594]: refused connect from 213.199.56.92 (213.199.56.92) 2026-06-13T01:06:48.487473+02:00 bla016-truserv-jhb1-001 sshd[92139]: refused connect from 213.199.56.92 (213.199.56.92) ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-12 22:24:08 (1 week ago)	213.199.56.92 (DE/Germany/vmi2901849.contaboserver.net), 5 distributed sshd attacks on account [depl ... show more 213.199.56.92 (DE/Germany/vmi2901849.contaboserver.net), 5 distributed sshd attacks on account [deploy] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 12 17:23:48 15084 sshd[28630]: Invalid user deploy from 185.100.212.141 port 41692 Jun 12 17:22:49 15084 sshd[28085]: Invalid user deploy from 133.125.62.131 port 52380 Jun 12 17:22:52 15084 sshd[28085]: Failed password for invalid user deploy from 133.125.62.131 port 52380 ssh2 Jun 12 17:23:17 15084 sshd[28467]: Invalid user deploy from 213.199.56.92 port 51552 Jun 12 17:23:19 15084 sshd[28467]: Failed password for invalid user deploy from 213.199.56.92 port 51552 ssh2 IP Addresses Blocked: 185.100.212.141 (IN/India/-) 133.125.62.131 (JP/Japan/ik1-449-56627.vs.sakura.ne.jp) show less	Brute-Force SSH
🇩🇪 joschuak	2026-06-12 22:02:35 (1 week ago)	SSH brute force attack detected from [213.199.56.92]	SSH Brute-Force
🇺🇸 wristhulk	2026-06-12 21:55:00 (1 week ago)	Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'Markmoran2026@' ... show more Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'Markmoran2026@'. show less	SSH Brute-Force
🇨🇭 ale	2026-06-12 20:59:47 (1 week ago)	SSH auth scanning - multiple failed logins	Brute-Force SSH
🇩🇪 formality	2026-06-12 20:34:05 (1 week ago)	Invalid user miner from 213.199.56.92 port 48474	Brute-Force SSH
🇺🇸 seraph.ws	2026-06-12 20:31:19 (1 week ago)	SSH honeypot contact — automated credential stuffing attempt	Brute-Force SSH
🇺🇸 wristhulk	2026-06-12 19:56:23 (1 week ago)	Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'markmoran25!@#' ... show more Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'markmoran25!@#'. show less	SSH Brute-Force
🇨🇭 TOCE	2026-06-12 19:31:26 (1 week ago)	21 hits seen on 2026-06-12, ports 22 (SSH) on a honeypot from www.toce.ch	SSH
🇺🇸 wristhulk	2026-06-12 19:14:52 (1 week ago)	Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'markmoran1234!! ... show more Honeypot: credential attempt on OpenCanary SSH honeypot. Username: 'root' Password: 'markmoran1234!!!'. show less	SSH Brute-Force

Showing 1 to 15 of 198 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 172.253.244.20

🇺🇸 34.145.116.103

🇨🇳 222.140.184.118

🇨🇳 218.65.4.88

🇷🇴 193.32.162.16

🇫🇷 185.177.72.12

🇨🇳 180.117.128.42

🇻🇳 116.99.174.97

🇸🇬 47.128.60.215

🇯🇵 45.76.202.47

🇷🇺 2a09:bac1:61a0:60::57:243

🇺🇸 216.180.246.181

🇸🇪 195.178.191.5

🇮🇩 180.247.78.188

🇳🇱 176.65.132.149

🇨🇳 171.217.92.33

🇫🇮 147.185.133.4

🇨🇳 121.229.156.125

🇧🇩 103.248.206.49

🇧🇩 103.132.223.93