This IP address has been reported a total of
1,078
times from
478 distinct
sources.
117.149.196.213 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
2026-05-23T22:29:24.196771+02:00 milkyway sshd[892638]: pam_unix(sshd:auth): authentication failure; ...
show more2026-05-23T22:29:24.196771+02:00 milkyway sshd[892638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
2026-05-23T22:29:26.625320+02:00 milkyway sshd[892638]: Failed password for invalid user admin from 117.149.196.213 port 55154 ssh2
2026-05-23T22:45:02.991780+02:00 milkyway sshd[894198]: Invalid user devuser from 117.149.196.213 port 50550
...
show less
2026-05-24T01:18:55.254068+08:00 *hostname* sshd-session[784709]: Invalid user aroot from 117.149.19 ...
show more2026-05-24T01:18:55.254068+08:00 *hostname* sshd-session[784709]: Invalid user aroot from 117.149.196.213 port 39340
2026-05-24T01:20:40.528572+08:00 *hostname* sshd-session[784844]: Connection from 117.149.196.213 port 45046 on 10.66.0.230 port 22 rdomain ""
2026-05-24T01:20:40.786991+08:00 *hostname* sshd-session[784844]: Invalid user deployer from 117.149.196.213 port 45046
2026-05-24T01:22:29.058694+08:00 *hostname* sshd-session[785035]: Connection from 117.149.196.213 port 36636 on 10.66.0.230 port 22 rdomain ""
2026-05-24T01:22:29.293959+08:00 *hostname* sshd-session[785035]: Invalid user testuser from 117.149.196.213 port 36636
show less
2026-05-23T14:31:13.878416+02:00 vm1386.de.snk.wtf sshd[221375]: Failed password for root from 117.1 ...
show more2026-05-23T14:31:13.878416+02:00 vm1386.de.snk.wtf sshd[221375]: Failed password for root from 117.149.196.213 port 43396 ssh2
2026-05-23T14:31:15.848556+02:00 vm1386.de.snk.wtf sshd[221375]: Disconnected from authenticating user root 117.149.196.213 port 43396 [preauth]
...
show less
2026-05-23T10:44:08.894108+02:00 router01.feuchter-stiftung.de sshd-session[1005113]: Disconnected f ...
show more2026-05-23T10:44:08.894108+02:00 router01.feuchter-stiftung.de sshd-session[1005113]: Disconnected from authenticating user root 117.149.196.213 port 39494 [preauth]
2026-05-23T10:46:38.805153+02:00 router01.feuchter-stiftung.de sshd-session[1005534]: Invalid user deploy from 117.149.196.213 port 55298
2026-05-23T10:46:39.100850+02:00 router01.feuchter-stiftung.de sshd-session[1005534]: Disconnected from invalid user deploy 117.149.196.213 port 55298 [preauth]
2026-05-23T10:48:15.858150+02:00 router01.feuchter-stiftung.de sshd-session[1005789]: Invalid user kamran from 117.149.196.213 port 33036
2026-05-23T10:48:16.130572+02:00 router01.feuchter-stiftung.de sshd-session[1005789]: Disconnected from invalid user kamran 117.149.196.213 port 33036 [preauth]
show less
May 23 10:15:45 alpha-ee6a30e929 sshd[186038]: pam_unix(sshd:auth): authentication failure; logname= ...
show moreMay 23 10:15:45 alpha-ee6a30e929 sshd[186038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
May 23 10:15:47 alpha-ee6a30e929 sshd[186038]: Failed password for invalid user hari from 117.149.196.213 port 57398 ssh2
May 23 10:49:05 alpha-ee6a30e929 sshd[186122]: Invalid user aroot from 117.149.196.213 port 50794
...
show less
Brute-Force
SSH
Anonymous
SSH brute force attempt. User: steam, Pass: [REDACTED]
117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ...
show more117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 22 20:15:14 13979 sshd[18255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.196.150.124 user=root
May 22 20:10:05 13979 sshd[17624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
May 22 20:10:07 13979 sshd[17624]: Failed password for root from 117.149.196.213 port 44846 ssh2
May 22 20:12:48 13979 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.95.140.115 user=root
May 22 20:12:51 13979 sshd[17936]: Failed password for root from 61.95.140.115 port 39736 ssh2
IP Addresses Blocked:
196.196.150.124 (ES/Spain/-)
show less
Brute-Force
SSH
Anonymous
SSH brute force attempt. User: root, Pass: [REDACTED]
(sshd) Failed SSH login from 117.149.196.213 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direct ...
show more(sshd) Failed SSH login from 117.149.196.213 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: May 22 17:15:00 14236 sshd[9522]: Invalid user yan from 117.149.196.213 port 42790
May 22 17:15:01 14236 sshd[9522]: Failed password for invalid user yan from 117.149.196.213 port 42790 ssh2
May 22 17:25:15 14236 sshd[10713]: Invalid user ubuntu from 117.149.196.213 port 46640
May 22 17:25:16 14236 sshd[10713]: Failed password for invalid user ubuntu from 117.149.196.213 port 46640 ssh2
May 22 17:28:30 14236 sshd[11037]: Invalid user frontend from 117.149.196.213 port 56804
show less
Brute-Force
SSH
Showing 166 to
180
of 1078 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ