This IP address has been reported a total of
1,076
times from
477 distinct
sources.
117.149.196.213 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ...
show more117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 25 13:52:34 13961 sshd[27185]: Failed password for root from 118.194.229.94 port 50436 ssh2
May 25 13:54:30 13961 sshd[27433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
May 25 13:52:32 13961 sshd[27185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.194.229.94 user=root
May 25 13:51:41 13961 sshd[27076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.194.229.94 user=root
May 25 13:51:42 13961 sshd[27076]: Failed password for root from 118.194.229.94 port 43128 ssh2
IP Addresses Blocked:
118.194.229.94 (JP/Japan/-)
show less
2026-05-26T02:52:27.134714+08:00 broadside gitea[1802977]: User root from 117.149.196.213 not allowe ...
show more2026-05-26T02:52:27.134714+08:00 broadside gitea[1802977]: User root from 117.149.196.213 not allowed because not listed in AllowUsers
2026-05-26T02:53:25.065534+08:00 broadside gitea[1802977]: User root from 117.149.196.213 not allowed because not listed in AllowUsers
2026-05-26T02:54:20.962911+08:00 broadside gitea[1802977]: User root from 117.149.196.213 not allowed because not listed in AllowUsers
...
show less
2026-05-25T15:49:40.766689+00:00 racknerd-0410d2 sshd[1453306]: Failed password for root from 117.14 ...
show more2026-05-25T15:49:40.766689+00:00 racknerd-0410d2 sshd[1453306]: Failed password for root from 117.149.196.213 port 50336 ssh2
2026-05-25T15:50:41.079647+00:00 racknerd-0410d2 sshd[1453558]: Invalid user cloud from 117.149.196.213 port 60818
2026-05-25T15:50:41.106005+00:00 racknerd-0410d2 sshd[1453558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
2026-05-25T15:50:42.855668+00:00 racknerd-0410d2 sshd[1453558]: Failed password for invalid user cloud from 117.149.196.213 port 60818 ssh2
...
show less
Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ...
show moreAutomated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts).
show less
May 25 19:07:59 mocha sshd[3691211]: Failed password for invalid user oracle from 117.149.196.213 po ...
show moreMay 25 19:07:59 mocha sshd[3691211]: Failed password for invalid user oracle from 117.149.196.213 port 53832 ssh2
May 25 19:11:42 mocha sshd[3695338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
May 25 19:11:44 mocha sshd[3695338]: Failed password for root from 117.149.196.213 port 58110 ssh2
...
show less
2026-05-25T11:38:06.710815+02:00 groves sshd-session[3518593]: pam_unix(sshd:auth): authentication f ...
show more2026-05-25T11:38:06.710815+02:00 groves sshd-session[3518593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
2026-05-25T11:38:08.611900+02:00 groves sshd-session[3518593]: Failed password for invalid user user from 117.149.196.213 port 60266 ssh2
2026-05-25T11:41:17.540987+02:00 groves sshd-session[3520561]: Invalid user frappe from 117.149.196.213 port 44134
...
show less
2026-05-25T02:42:47.614905+01:00 nbg-vs01-mailserver sshd-session[1938068]: Invalid user caja01 from ...
show more2026-05-25T02:42:47.614905+01:00 nbg-vs01-mailserver sshd-session[1938068]: Invalid user caja01 from 117.149.196.213 port 42940
2026-05-25T02:42:47.617972+01:00 nbg-vs01-mailserver sshd-session[1938068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
2026-05-25T02:42:50.121070+01:00 nbg-vs01-mailserver sshd-session[1938068]: Failed password for invalid user caja01 from 117.149.196.213 port 42940 ssh2
...
show less
117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ...
show more117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 24 20:31:37 14337 sshd[17097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.132.28 user=root
May 24 20:36:32 14337 sshd[17670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
May 24 20:36:34 14337 sshd[17670]: Failed password for root from 117.149.196.213 port 51556 ssh2
May 24 20:40:44 14337 sshd[18138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.196.103.195 user=root
May 24 20:31:38 14337 sshd[17097]: Failed password for root from 152.32.132.28 port 55072 ssh2
IP Addresses Blocked:
152.32.132.28 (HK/Hong Kong/-)
show less
Brute-Force
SSH
Showing 136 to
150
of 1076 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ