JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.34.85.169

117.34.85.169 was found in our database!

This IP was reported 627 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET Shanxi(SN) province network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS134768
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.34.85.169

Whois 117.34.85.169

IP Abuse Reports for 117.34.85.169:

This IP address has been reported a total of 627 times from 337 distinct sources. 117.34.85.169 was first reported on May 24th 2026, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 knock	2026-06-03 02:31:11 (1 day ago)	Knock-Knock honeypot brute-force: SSH (6 total hits)	Brute-Force SSH
Anonymous	2026-06-03 02:02:54 (1 day ago)	Fail2Ban detection - brute-force attempt (jail: sshd)	Brute-Force
🇺🇸 en0	2026-06-03 01:40:34 (1 day ago)	2026-06-03 01:40:33,579 fail2ban.actions [2891841]: NOTICE [sshd] Ban 117.34.85.169	Brute-Force SSH
🇺🇸 en0	2026-06-03 01:22:17 (1 day ago)	2026-06-03 01:22:17,321 fail2ban.actions [2891841]: NOTICE [sshd] Ban 117.34.85.169	Brute-Force SSH
🇺🇸 en0	2026-06-03 01:04:29 (1 day ago)	2026-06-03 01:04:28,684 fail2ban.actions [2891841]: NOTICE [sshd] Ban 117.34.85.169	Brute-Force SSH
🇺🇸 en0	2026-06-03 00:47:05 (1 day ago)	2026-06-03 00:47:04,855 fail2ban.actions [2891841]: NOTICE [sshd] Ban 117.34.85.169	Brute-Force SSH
🇩🇪 Panter	2026-06-03 00:31:02 (1 day ago)	Bruteforce detected by fail2ban SSH	Brute-Force SSH
🇺🇸 en0	2026-06-03 00:30:07 (1 day ago)	2026-06-03 00:30:07,395 fail2ban.actions [2891841]: NOTICE [sshd] Ban 117.34.85.169	Brute-Force SSH
🇺🇸 psh-ack	2026-06-03 00:29:13 (1 day ago)	conducted credential-stuffing attack using libssh 0.9.6 scanner. Three login attempts over 9 seconds ... show more conducted credential-stuffing attack using libssh 0.9.6 scanner. Three login attempts over 9 seconds: 345gs5662d34/345gs5662d34, nginx/3245gs5662d34, nginx/nginx. Successfully executed SSH key injection payload removing existing .ssh directory, recreating it, and installing attacker-controlled RSA public key (AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXx...). This establishes persistent SSH access for future logins without password authentication. Second command attempted file attribute manipulation (chattr -ia .ssh; lockr -ia .ssh) to prevent .ssh deletion—likely to prevent credential removal and maintain access persistence. Attack pattern indicates automated scanning for weak credentials on systems running SSH, followed by immediate persistence mechanism deployment. libssh 0.9.6 library commonly used in mass SSH scanners and botnet reconnaissance tools. show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-03 00:27:17 (1 day ago)	(sshd) Failed SSH login from 117.34.85.169 (CN/China/-): 5 in the last 3600 secs; Ports: ; Directio ... show more (sshd) Failed SSH login from 117.34.85.169 (CN/China/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Jun 2 19:13:16 17988 sshd[17712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.34.85.169 user=nginx Jun 2 19:13:19 17988 sshd[17712]: Failed password for nginx from 117.34.85.169 port 39754 ssh2 Jun 2 19:24:25 17988 sshd[22141]: Invalid user ubuntu from 117.34.85.169 port 37658 Jun 2 19:24:27 17988 sshd[22141]: Failed password for invalid user ubuntu from 117.34.85.169 port 37658 ssh2 Jun 2 19:26:58 17988 sshd[23059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.34.85.169 user=root show less	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-06-03 00:02:28 (1 day ago)	2026-06-03T01:54:34.944768+02:00 vweb01 sshd[305950]: Invalid user ats from 117.34.85.169 port 50086 ... show more 2026-06-03T01:54:34.944768+02:00 vweb01 sshd[305950]: Invalid user ats from 117.34.85.169 port 50086 2026-06-03T01:57:13.336921+02:00 vweb01 sshd[306086]: Invalid user exch from 117.34.85.169 port 33960 2026-06-03T01:59:48.464880+02:00 vweb01 sshd[306234]: Invalid user atelier from 117.34.85.169 port 55740 2026-06-03T02:02:27.349681+02:00 vweb01 sshd[306384]: Invalid user joshua from 117.34.85.169 port 33476 ... show less	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-06-02 23:44:10 (1 day ago)	2026-06-03T01:36:21.583440+02:00 vweb01 sshd[305023]: Invalid user cartman from 117.34.85.169 port 3 ... show more 2026-06-03T01:36:21.583440+02:00 vweb01 sshd[305023]: Invalid user cartman from 117.34.85.169 port 35296 2026-06-03T01:38:56.691876+02:00 vweb01 sshd[305132]: Invalid user vcma from 117.34.85.169 port 39138 2026-06-03T01:41:33.791075+02:00 vweb01 sshd[305337]: Invalid user aus from 117.34.85.169 port 60902 2026-06-03T01:44:10.536521+02:00 vweb01 sshd[305471]: Invalid user comp from 117.34.85.169 port 47356 ... show less	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-06-02 23:25:49 (1 day ago)	2026-06-03T01:18:20.366602+02:00 vweb01 sshd[304095]: Invalid user youtrack from 117.34.85.169 port ... show more 2026-06-03T01:18:20.366602+02:00 vweb01 sshd[304095]: Invalid user youtrack from 117.34.85.169 port 58100 2026-06-03T01:20:45.945685+02:00 vweb01 sshd[304199]: Invalid user outlet from 117.34.85.169 port 41624 2026-06-03T01:23:16.340812+02:00 vweb01 sshd[304358]: Invalid user gonzo from 117.34.85.169 port 34288 2026-06-03T01:25:48.966796+02:00 vweb01 sshd[304483]: Invalid user sponsor from 117.34.85.169 port 41760 ... show less	Brute-Force SSH
🇧🇷 helix	2026-06-02 23:25:14 (1 day ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-02 23:21:24 (1 day ago)	(sshd) Failed SSH login from 117.34.85.169 (CN/China/-): 5 in the last 3600 secs; Ports: ; Directio ... show more (sshd) Failed SSH login from 117.34.85.169 (CN/China/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Jun 2 18:07:02 15553 sshd[25917]: Invalid user arthur from 117.34.85.169 port 52088 Jun 2 18:07:04 15553 sshd[25917]: Failed password for invalid user arthur from 117.34.85.169 port 52088 ssh2 Jun 2 18:18:41 15553 sshd[31831]: Invalid user youtrack from 117.34.85.169 port 55962 Jun 2 18:18:43 15553 sshd[31831]: Failed password for invalid user youtrack from 117.34.85.169 port 55962 ssh2 Jun 2 18:21:07 15553 sshd[783]: Invalid user outlet from 117.34.85.169 port 37070 show less	Brute-Force SSH

Showing 46 to 60 of 627 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.187.166.217

🇨🇦 85.217.149.44

🇺🇸 45.156.129.75

🇧🇪 35.189.196.224

🇺🇸 207.241.173.236

🇸🇦 129.208.126.112

🇨🇳 120.85.117.135

🇳🇱 89.105.195.118

🇳🇴 88.90.192.241

🇭🇰 74.125.179.149

🇺🇸 66.132.195.80

🇭🇰 58.152.42.174

🇨🇳 42.228.234.249

🇺🇸 2001:470:1:c84::18b

🇩🇪 167.94.146.35

🇺🇸 162.216.149.241

🇺🇸 147.185.132.164

🇮🇳 122.177.246.105

🇳🇱 77.83.39.95

🇸🇬 47.84.101.132