This IP address has been reported a total of
1,078
times from
478 distinct
sources.
117.149.196.213 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Jun 1 02:31:53 sanyalnet-oracle-vps2 sshd[890680]: pam_unix(sshd:auth): authentication failure; log ...
show moreJun 1 02:31:53 sanyalnet-oracle-vps2 sshd[890680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
Jun 1 02:31:55 sanyalnet-oracle-vps2 sshd[890680]: Failed password for invalid user root from 117.149.196.213 port 41862 ssh2
Jun 1 02:31:56 sanyalnet-oracle-vps2 sshd[890680]: Disconnected from invalid user root 117.149.196.213 port 41862 [preauth]
...
show less
117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ...
show more117.149.196.213 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 31 17:52:13 13908 sshd[18521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213 user=root
May 31 17:00:03 13908 sshd[24557]: Failed password for root from 138.124.54.172 port 54436 ssh2
May 31 17:00:05 13908 sshd[24827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.143.189.125 user=root
May 31 17:00:06 13908 sshd[24827]: Failed password for root from 79.143.189.125 port 44586 ssh2
May 31 17:16:41 13908 sshd[749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.104.84.188 user=root
IP Addresses Blocked:
show less
Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-31T20:29:51Z and 2026-05-3 ...
show moreCowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-31T20:29:51Z and 2026-05-31T21:45:59Z
show less
2026-05-31T23:39:54.926966+08:00 *hostname* sshd-session[3964827]: Invalid user bot1 from 117.149.19 ...
show more2026-05-31T23:39:54.926966+08:00 *hostname* sshd-session[3964827]: Invalid user bot1 from 117.149.196.213 port 54902
2026-05-31T23:39:54.736945+08:00 *hostname* sshd-session[3964827]: Connection from 117.149.196.213 port 54902 on 115.231.27.164 port 22 rdomain ""
2026-05-31T23:39:54.926966+08:00 *hostname* sshd-session[3964827]: Invalid user bot1 from 117.149.196.213 port 54902
2026-05-31T23:40:43.634756+08:00 *hostname* sshd-session[3964922]: Connection from 117.149.196.213 port 36232 on 115.231.27.164 port 22 rdomain ""
2026-05-31T23:40:43.814412+08:00 *hostname* sshd-session[3964922]: Invalid user luis from 117.149.196.213 port 36232
show less
2026-05-31T08:11:54.728637+01:00 git-host01.git.srvfarm.net sshd-session[3632312]: Connection closed ...
show more2026-05-31T08:11:54.728637+01:00 git-host01.git.srvfarm.net sshd-session[3632312]: Connection closed by 117.149.196.213 port 33056 [preauth]
2026-05-31T08:20:40.239902+01:00 git-host01.git.srvfarm.net sshd-session[3633308]: error: kex_exchange_identification: read: Connection reset by peer
2026-05-31T08:20:40.240113+01:00 git-host01.git.srvfarm.net sshd-session[3633308]: Connection reset by 117.149.196.213 port 59056
2026-05-31T08:20:41.379456+01:00 git-host01.git.srvfarm.net sshd-session[3633591]: Invalid user temp from 117.149.196.213 port 46076
2026-05-31T08:20:41.684647+01:00 git-host01.git.srvfarm.net sshd-session[3633591]: Disconnected from invalid user temp 117.149.196.213 port 46076 [preauth]
show less
2026-05-31T14:16:56.163988+08:00 nekoaru-shanghai-1 sshd-session[1545884]: Failed password for root ...
show more2026-05-31T14:16:56.163988+08:00 nekoaru-shanghai-1 sshd-session[1545884]: Failed password for root from 117.149.196.213 port 58272 ssh2
2026-05-31T14:17:29.394373+08:00 nekoaru-shanghai-1 sshd-session[1545938]: Connection from 117.149.196.213 port 57068 on 192.168.12.24 port 41022 rdomain ""
2026-05-31T14:17:29.558763+08:00 nekoaru-shanghai-1 sshd-session[1545938]: Invalid user test from 117.149.196.213 port 57068
...
show less
[Fail2Ban]: Jail sshd triggered 3 time(s) for 117.149.196.213.
May 31 03:29:34 - sshd[3180439]: pam_ ...
show more[Fail2Ban]: Jail sshd triggered 3 time(s) for 117.149.196.213.
May 31 03:29:34 - sshd[3180439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
May 31 03:29:36 - sshd[3180439]: Failed password for invalid user user1 from 117.149.196.213 port 46782 ssh2
May 31 03:29:37 - sshd[3180439]: Disconnected from invalid user user1 117.149.196.213 port 46782 [preauth]
...
show less
2026-05-30T21:55:49.545267 yip.floofy.tech sshd[1985424]: Invalid user user1 from 117.149.196.213 po ...
show more2026-05-30T21:55:49.545267 yip.floofy.tech sshd[1985424]: Invalid user user1 from 117.149.196.213 port 40554
2026-05-30T21:55:49.561157 yip.floofy.tech sshd[1985424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.196.213
2026-05-30T21:55:51.542614 yip.floofy.tech sshd[1985424]: Failed password for invalid user user1 from 117.149.196.213 port 40554 ssh2
...
show less
Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-30T14:57:12Z and 2026-05-3 ...
show moreCowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-05-30T14:57:12Z and 2026-05-30T16:33:00Z
show less
2026-05-30T23:46:00.000636+09:00 no5 sshd[1162460]: Disconnected from authenticating user root 117.1 ...
show more2026-05-30T23:46:00.000636+09:00 no5 sshd[1162460]: Disconnected from authenticating user root 117.149.196.213 port 33680 [preauth]
...
show less
Brute-Force
SSH
Showing 31 to
45
of 1078 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ