JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.149.196.165

117.149.196.165 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 100%: ?

100%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS56041
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.149.196.165

Whois 117.149.196.165

IP Abuse Reports for 117.149.196.165:

This IP address has been reported a total of 23 times from 20 distinct sources. 117.149.196.165 was first reported on June 1st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-06 15:42:19 (1 hour ago)	Jun 6 15:42:16 scw-6657dc sshd[12552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ... show more Jun 6 15:42:16 scw-6657dc sshd[12552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 6 15:42:16 scw-6657dc sshd[12552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 6 15:42:18 scw-6657dc sshd[12552]: Failed password for root from 117.149.196.165 port 50238 ssh2 ... show less	Brute-Force SSH
🇩🇪 THYRAKLES_EINZELUNTERNEHMEN_NOAH_FINLEY WOLF	2026-06-05 14:27:22 (1 day ago)	systemd timer sync; source=sshd host=ns2 ip=117.149.196.165; evidence=fail2ban log NOTICE Ban event	Brute-Force SSH
🇧🇬 MazenHost	2026-06-05 08:48:16 (1 day ago)	Jun 5 10:47:38 EMIRATESofBULGARIA sshd[120701]: Failed password for root from 117.149.196.165 port ... show more Jun 5 10:47:38 EMIRATESofBULGARIA sshd[120701]: Failed password for root from 117.149.196.165 port 40382 ssh2 Jun 5 10:47:45 EMIRATESofBULGARIA sshd[120703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 5 10:47:47 EMIRATESofBULGARIA sshd[120703]: Failed password for root from 117.149.196.165 port 55108 ssh2 Jun 5 10:47:59 EMIRATESofBULGARIA sshd[120705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 5 10:48:01 EMIRATESofBULGARIA sshd[120705]: Failed password for root from 117.149.196.165 port 51854 ssh2 Jun 5 10:48:13 EMIRATESofBULGARIA sshd[120707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 5 10:48:15 EMIRATESofBULGARIA sshd[120707]: Failed password for root from 117.149.196.165 port 58308 ssh2 ... show less	Brute-Force SSH
🇫🇷 tecnicorioja	2026-06-05 08:00:08 (1 day ago)	Failed password for root Jun 05 05:49:20 port 38194	Brute-Force SSH
🇺🇸 Xarcotic	2026-06-05 02:31:11 (1 day ago)	SSH login on honeypot.	Brute-Force SSH
🇪🇸 whatda	2026-06-04 22:05:37 (1 day ago)	Honeypot RaspiNAS: ssh attack (4 events/h). Automated report.	SSH
🇧🇷 ItsClairton	2026-06-04 06:06:42 (2 days ago)	Jun 4 03:06:15 proxy-03 sshd[1620589]: Failed password for root from 117.149.196.165 port 54944 ssh ... show more Jun 4 03:06:15 proxy-03 sshd[1620589]: Failed password for root from 117.149.196.165 port 54944 ssh2 Jun 4 03:06:21 proxy-03 sshd[1620915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 4 03:06:22 proxy-03 sshd[1620915]: Failed password for root from 117.149.196.165 port 36004 ssh2 Jun 4 03:06:39 proxy-03 sshd[1621204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=root Jun 4 03:06:41 proxy-03 sshd[1621204]: Failed password for root from 117.149.196.165 port 36092 ssh2 ... show less	Brute-Force SSH
🇳🇱 AS213449.net	2026-06-04 06:06:27 (2 days ago)	06/04/2026-08:06:27.629173 src=117.149.196.165 dst=5.175.170.18:22 proto=6 msg=ET SCAN Potential SSH ... show more 06/04/2026-08:06:27.629173 src=117.149.196.165 dst=5.175.170.18:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
🇪🇸 whatda	2026-06-03 22:01:16 (2 days ago)	Honeypot RaspiNAS: ssh attack (1 events/h). Automated report.	SSH
🇮🇩 demonsword	2026-06-03 13:44:25 (3 days ago)	SSH brute-force detected: 8 failed login attempts in the last 1 hour.	Brute-Force SSH
🇪🇸 whatda	2026-06-03 12:12:46 (3 days ago)	Honeypot RaspiNAS: ssh attack (4 events/h). Automated report.	SSH
🇧🇷 diego	2026-06-03 02:58:34 (3 days ago)	[rede-arem1] (sshd) Failed SSH login from 117.149.196.165 (CN/China/-): 5 in the last 3600 secs; Por ... show more [rede-arem1] (sshd) Failed SSH login from 117.149.196.165 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 2 23:58:08 sshd[3090]: Did not receive identification string from 117.149.196.165 port 57694 Jun 2 23:58:15 sshd[3092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=[USERNAME] Jun 2 23:58:17 sshd[3092]: Failed password for [USERNAME] from 117.149.196.165 port 51072 ssh2 Jun 2 23:58:25 sshd[3098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.165 user=[USERNAME] Jun 2 2 show less	Port Scan
🇩🇪 AS213449.net	2026-06-03 00:48:38 (3 days ago)	06/03/2026-02:48:35.074410 src=117.149.196.165 dst=89.144.63.37:22 proto=6 msg=ET SCAN Potential SSH ... show more 06/03/2026-02:48:35.074410 src=117.149.196.165 dst=89.144.63.37:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
🇩🇪 dispaisyenterprises	2026-06-02 23:00:45 (3 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 5022 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 5022 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 djboddington	2026-06-02 22:49:43 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/ssh-bf	SSH Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.248.209

🇧🇪 198.235.24.196

🇺🇸 198.2.139.197

🇬🇪 178.134.110.107

🇿🇦 129.232.165.250

🇩🇪 104.248.130.34

🇬🇧 35.203.211.47

🇬🇧 31.77.156.62

🇺🇸 24.242.241.150

🇺🇸 20.65.193.183

🇨🇳 220.168.243.38

🇺🇸 173.61.3.24

🇵🇹 148.63.100.254

🇨🇳 120.48.27.74

🇬🇧 81.19.219.205

🇺🇸 66.132.195.116

🇱🇹 45.227.254.170

🇭🇰 42.200.66.164

🇨🇳 223.85.102.135

🇯🇵 202.231.119.182