IP Address

185.192.96.169

IPv4 Public
DE DE
AS51167
Contabo GmbH
884 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
64% Confidence
884 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
DE
DE Location
Contabo GmbH ASN 51167
884 Reports
Honeypot Data Source

Severe Risk

IP 185.192.96.169 is a high-risk address linked to SSH brute-force attacks, assessed at a critical 10/10 threat level with 884 total abuse reports across automated honeypot sensors. The IP originates from Contabo GmbH's German network infrastructure, with activity detected throughout October 2025 at a moderate 64% confidence. The dominant threat pattern involves repeated attempts to gain unauthorized server access through credential guessing against exposed SSH services.

The report volume of 884 incidents across 20 distinct honeypot sensors indicates this address has been extensively flagged for automated intrusion activity, primarily categorized as Hacking (11 recent reports) and SSH (9 recent reports). The specific attack pattern identified includes honeypot events and SSH brute-force attempts, suggesting sustained scanning behaviour rather than isolated probes. Contabo GmbH operates as a large European hosting provider, and IPs within this AS range are frequently associated with aggressive automated scanning campaigns due to the nature of budget hosting environments.

SSH brute-force attacks pose a concrete risk to any exposed server with password-based authentication enabled. Attackers systematically attempt credential combinations against SSH daemons to compromise accounts, particularly those with weak or default passwords. The volume of 884 reports suggests persistent, high-frequency scanning activity that could successfully breach unprotected or poorly configured servers. While the 0/10 activity frequency may indicate reduced recent activity, the extensive historical report volume means this address should not be considered safe to permit.

Defensive measures should include deploying automated tools such as fail2ban to block repeated authentication failures, implementing key-based SSH authentication exclusively while disabling password authentication entirely, and restricting root login access. Site operators should audit exposed SSH services regularly, enforce strong credential policies, and monitor authentication logs for unusual patterns originating from this IP range.

More threatening than 91% of monitored IPs

Threat Categories

Hacking 17
SSH 13

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Reputable Network

This IP is hosted on a network (ASN 51167) with generally good reputation. The ISP Contabo GmbH maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

13. Oct 2025
64% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
10 of 884 shown

Technical Details

Basic Information

IP Address
185.192.96.169
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
DE DE
ASN
AS51167
ISP
Contabo GmbH

DNS Information

Reverse DNS
mail.ikote.ru
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
884
First Reported
12 Oct 2025
Last Reported
13 Oct 2025, 05:58

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS51167
Contabo GmbH
FR FR

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

778
Total IPs Monitored
28,942
Total Reports
37.2
Reports per IP

Network Context

This IP address belongs to Contabo GmbH (AS51167), which manages 778 IP addresses in our monitoring system. Out of these, 28,942 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

91 %

Global Threat Ranking

This IP is more threatening than 91% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,332 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 884 avg: 23 ++

Network Comparison

Compared against 1,142 IPs in ASN 51167

Threat Level 10/10 network avg: 5.0 ++
Total Reports 884 network avg: 26 ++
Network Contabo GmbH has overall threat level 2/10

Geographic Comparison

Compared against 7,139 IPs in DE

Threat Level 10/10 country avg: 5.8 ++
Total Reports 884 country avg: 61 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE THIS IP
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
8.6/10 Avg Threat
98% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
45.92.11.94 8/10
Confidence 100%
Reports 274
Location DE DE
1 Mar 2026
178.18.246.56 8/10
Confidence 100%
Reports 92
Location FR FR
18 May 2026
194.163.139.224 10/10
Confidence 100%
Reports 72
Location FR FR
9 Jun 2026
84.247.129.9 8/10
Confidence 100%
Reports 31
Location FR FR
30 May 2026
5.189.128.80 8/10
Confidence 100%
Reports 19
Location FR FR
9 May 2026
173.249.50.59 8/10
Confidence 99%
Reports 79
Location FR FR
26 Apr 2026
158.220.126.105 8/10
Confidence 99%
Reports 32
Location FR FR
6 May 2026
173.249.41.171 10/10
Confidence 98%
Reports 90
Location FR FR
12 May 2026
109.199.127.9 8/10
Confidence 98%
Reports 40
Location FR FR
20 May 2026
161.97.68.122 10/10
Confidence 98%
Reports 20
Location FR FR
4 May 2026
173.212.228.191 10/10
Confidence 97%
Reports 86
Location FR FR
9 Jun 2026
144.91.126.77 8/10
Confidence 97%
Reports 66
Location FR FR
22 Feb 2026
158.220.126.85 8/10
Confidence 97%
Reports 37
Location FR FR
26 Feb 2026
173.249.45.217 8/10
Confidence 97%
Reports 31
Location FR FR
1 Mar 2026
62.171.175.31 8/10
Confidence 97%
Reports 18
Location FR FR
24 Feb 2026
38.242.146.40 8/10
Confidence 97%
Reports 12
Location FR FR
24 Feb 2026
38.242.211.132 8/10
Confidence 96%
Reports 13
Location FR FR
4 Jun 2026
89.116.31.97 10/10
Confidence 95%
Reports 66
Location FR FR
26 May 2026
173.249.7.118 8/10
Confidence 95%
Reports 22
Location FR FR
6 May 2026
161.97.182.206 10/10
Confidence 94%
Reports 201
Location FR FR
25 May 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.6/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
45.92.11.94 8/10
Confidence 100%
Reports 274
ISP Contabo GmbH
1 Mar 2026
88.198.64.173 8/10
Confidence 100%
Reports 174
ISP Hetzner Online ...
22 May 2026
159.100.13.237 8/10
Confidence 100%
Reports 169
ISP Ultahost, Inc.
6 May 2026
46.224.234.158 8/10
Confidence 100%
Reports 128
ISP Hetzner Online ...
9 Jun 2026
5.83.135.249 8/10
Confidence 100%
Reports 116
ISP active 1 GmbH
7 Jun 2026
3.70.164.132 8/10
Confidence 100%
Reports 99
ISP Amazon.com, Inc.
19 May 2026
118.193.59.142 7/10
Confidence 100%
Reports 89
ISP UCLOUD INFORMAT...
5 Jun 2026
94.26.106.90 8/10
Confidence 100%
Reports 86
ISP dataforest GmbH
7 Jun 2026
49.12.3.147 10/10
Confidence 100%
Reports 78
ISP Hetzner Online ...
31 May 2026
94.26.106.111 10/10
Confidence 100%
Reports 75
ISP dataforest GmbH
13 May 2026
80.158.109.51 10/10
Confidence 100%
Reports 73
ISP T-Systems Inter...
6 Jun 2026
212.224.100.2 10/10
Confidence 100%
Reports 61
ISP firstcolo GmbH
31 May 2026
94.130.219.13 10/10
Confidence 100%
Reports 58
ISP Hetzner Online ...
9 May 2026
5.83.135.102 8/10
Confidence 100%
Reports 44
ISP AltunHOST LTD
8 Jun 2026
94.26.106.209 8/10
Confidence 100%
Reports 38
ISP dataforest GmbH
4 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
64% Avg Confidence
14 High Threat
High-risk network: Majority of related IPs are flagged
3.143.33.63 8/10
Confidence 64%
Reports 3,636
Location US US
4 Feb 2026
218.78.24.117 10/10
Confidence 64%
Reports 2,055
Location CN CN
27 Apr 2026
93.152.230.150 10/10
Confidence 64%
Reports 1,761
Location BG BG
13 Jan 2026
3.137.151.234 10/10
Confidence 64%
Reports 816
Location US US
11 Oct 2025
91.224.92.28 10/10
Confidence 64%
Reports 631
Location GB GB
29 Nov 2025
79.124.8.120 10/10
Confidence 64%
Reports 620
Location NL NL
28 Oct 2025
45.173.176.254 10/10
Confidence 64%
Reports 572
Location BR BR
19 Feb 2026
36.255.98.3 10/10
Confidence 64%
Reports 567
Location SG SG
16 Oct 2025
58.9.10.203 10/10
Confidence 64%
Reports 497
Location TH TH
8 Nov 2025
103.119.3.109 5/10
Confidence 64%
Reports 486
Location HK HK
10 Nov 2025
195.178.110.15 10/10
Confidence 64%
Reports 485
Location BG BG
23 Apr 2026
172.110.223.5 10/10
Confidence 64%
Reports 457
Location CZ CZ
13 Feb 2026
103.207.3.28 10/10
Confidence 64%
Reports 427
Location IN IN
8 Oct 2025
198.199.86.189 10/10
Confidence 64%
Reports 419
Location US US
6 Oct 2025
85.11.167.3 10/10
Confidence 64%
Reports 415
Location BG BG
16 Feb 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "185.192.96.169",
    "threat_level": 10,
    "confidence_score": 64,
    "total_reports": 884,
    "country_code": "DE",
    "isp_name": "Contabo GmbH",
    "asn": "51167",
    "first_reported": "2025-10-12 06:20:25",
    "last_reported": "2025-10-13 05:58:57",
    "exported_at": "2026-06-09T07:56:19+02:00",
    "source": "https://reportedip.de/ip/185.192.96.169/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses