JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.72.149.48

117.72.149.48 was found in our database!

This IP was reported 167 times. Confidence of Abuse is 2%: ?

ISP	Beijing Jingdong 360 Degree E-commerce Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141679
Domain Name	jd.com
Country	🇨🇳 China
City	Tianjin, Tianjin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.72.149.48

Whois 117.72.149.48

IP Abuse Reports for 117.72.149.48:

This IP address has been reported a total of 167 times from 100 distinct sources. 117.72.149.48 was first reported on September 25th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 victoryur	2026-06-05 00:02:04 (3 days ago)	Reported by Fail2Ban on 24.finkont.ru (sshd)	Brute-Force
🇷🇺 victoryur	2026-05-03 00:01:20 (1 month ago)	Reported by Fail2Ban on 24.finkont.ru (sshd)	Brute-Force
🇷🇺 victoryur	2026-03-30 00:06:11 (2 months ago)	Reported by Fail2Ban on 24.finkont.ru (sshd)	Brute-Force
🇨🇳 ThreatBook.io	2026-03-26 23:49:56 (2 months ago)	ThreatBook Intelligence: IDC more details on http://threatbook.io/ip/117.72.149.48	SSH
Anonymous	2026-03-26 16:31:11 (2 months ago)	Failed login attempt detected by Fail2Ban in ssh jail	Brute-Force
🇫🇷 glmx	2026-03-26 14:47:53 (2 months ago)	This source IP initiated an unauthorized connection to a controlled SSH honeypot environment deploye ... show more This source IP initiated an unauthorized connection to a controlled SSH honeypot environment deployed for threat detection. The service is a non-production deceptive endpoint used solely to identify malicious reconnaissance, automated scanning, credential probing, and other pre-compromise activity. Any interaction with this service is considered highly suspicious because it is not advertised for legitimate use. show less	Port Scan SSH
🇨🇭 Modules	2026-03-26 11:00:10 (2 months ago)	Cowrie honeypot: cowrie.session.connect, Protocol: ssh \| Cowrie honeypot: cowrie.session.closed, Pro ... show more Cowrie honeypot: cowrie.session.connect, Protocol: ssh \| Cowrie honeypot: cowrie.session.closed, Protocol: ssh (2 events, first: 2026-03-26T09:46:59.744Z, last: 2026-03-26T09:48:59.794Z) show less	Port Scan SSH
Anonymous	2026-03-26 08:20:44 (2 months ago)	2026-03-26T08:16:47.788729+00:00 de-fra2-rpki1 sshd[3065883]: Invalid user keycloak from 117.72.149. ... show more 2026-03-26T08:16:47.788729+00:00 de-fra2-rpki1 sshd[3065883]: Invalid user keycloak from 117.72.149.48 port 44792 2026-03-26T08:20:12.292623+00:00 de-fra2-rpki1 sshd[3065945]: Invalid user sav from 117.72.149.48 port 45632 2026-03-26T08:20:43.755830+00:00 de-fra2-rpki1 sshd[3065955]: Invalid user steam from 117.72.149.48 port 51768 ... show less	Brute-Force SSH
🇺🇸 Cheddar	2026-03-26 08:03:01 (2 months ago)	2026-03-26T07:53:44.590259+00:00 us-lax-node1121 sshd-session[960581]: pam_unix(sshd:auth): authenti ... show more 2026-03-26T07:53:44.590259+00:00 us-lax-node1121 sshd-session[960581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.72.149.48 2026-03-26T07:53:47.201887+00:00 us-lax-node1121 sshd-session[960581]: Failed password for invalid user unleash from 117.72.149.48 port 51116 ssh2 2026-03-26T08:03:00.573340+00:00 us-lax-node1121 sshd-session[961766]: Invalid user primary from 117.72.149.48 port 43294 ... show less	Brute-Force SSH
🇫🇷 Jérôme Delacotte	2026-03-26 08:01:35 (2 months ago)	Mar 26 09:01:32 Akhenaton sshd[2202465]: Invalid user unleash from 117.72.149.48 port 54964 Mar 26 0 ... show more Mar 26 09:01:32 Akhenaton sshd[2202465]: Invalid user unleash from 117.72.149.48 port 54964 Mar 26 09:01:34 Akhenaton sshd[2202465]: Failed password for invalid user unleash from 117.72.149.48 port 54964 ssh2 ... show less	Brute-Force SSH
🇧🇷 helix	2026-03-26 06:25:10 (2 months ago)	Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login atte ... show more Automated report: SSH brute force detected. This IP exceeded the allowed number of failed login attempts (3 attempts). show less	Brute-Force SSH
🇰🇷 Siwol	2026-03-26 05:49:30 (2 months ago)	Mar 26 14:39:13 starlight-server sshd[29427]: Failed password for invalid user develop from 117.72.1 ... show more Mar 26 14:39:13 starlight-server sshd[29427]: Failed password for invalid user develop from 117.72.149.48 port 34604 ssh2 Mar 26 14:48:36 starlight-server sshd[35938]: Invalid user ax from 117.72.149.48 port 57022 Mar 26 14:48:36 starlight-server sshd[35938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.72.149.48 Mar 26 14:48:38 starlight-server sshd[35938]: Failed password for invalid user ax from 117.72.149.48 port 57022 ssh2 Mar 26 14:49:29 starlight-server sshd[36532]: Invalid user ruslan from 117.72.149.48 port 38248 ... show less	Brute-Force SSH
🇨🇿 lp	2026-03-26 05:48:51 (2 months ago)	SSH Brute force: 1 attempts were recorded from 117.72.149.48 2026-03-26T05:47:47+01:00 Invalid user ... show more SSH Brute force: 1 attempts were recorded from 117.72.149.48 2026-03-26T05:47:47+01:00 Invalid user example01 from 117.72.149.48 port 50810 show less	Brute-Force SSH
🇹🇷 Threat.live	2026-03-26 05:35:10 (2 months ago)	Brute Force, tcp/22	Brute-Force
🇩🇪 YumXac	2026-03-26 01:52:05 (2 months ago)	2026-03-26T02:41:10.905070+01:00 pve-osd-101 sshd[107685]: Disconnected from invalid user gradle 117 ... show more 2026-03-26T02:41:10.905070+01:00 pve-osd-101 sshd[107685]: Disconnected from invalid user gradle 117.72.149.48 port 32934 [preauth] 2026-03-26T02:52:00.034221+01:00 pve-osd-101 sshd[116354]: Invalid user molly from 117.72.149.48 port 45190 2026-03-26T02:52:00.036374+01:00 pve-osd-101 sshd[116354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.72.149.48 2026-03-26T02:52:00.043598+01:00 pve-osd-101 sshd[116354]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.72.149.48 user=molly 2026-03-26T02:52:02.352765+01:00 pve-osd-101 sshd[116354]: Failed password for invalid user molly from 117.72.149.48 port 45190 ssh2 2026-03-26T02:52:04.583651+01:00 pve-osd-101 sshd[116354]: Disconnected from invalid user molly 117.72.149.48 port 45190 [preauth] ... show less	Brute-Force SSH

Showing 1 to 15 of 167 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 47.254.231.20

🇨🇳 2404:c2c0:8f41:ef01:b929:9aed:7113:82ff

🇪🇨 186.68.83.104

🇬🇧 185.38.148.2

🇻🇳 183.91.11.36

🇮🇳 103.167.95.242

🇱🇹 81.30.98.144

🇺🇸 45.147.234.231

🇺🇸 34.174.39.230

🇨🇳 221.234.36.123

🇧🇪 198.235.24.206

🇻🇪 190.202.49.236

🇨🇳 150.255.91.79

🇨🇳 115.190.150.8

🇭🇰 103.243.24.124

🇮🇷 95.38.235.47

🇫🇷 85.204.70.100

🇺🇸 72.240.125.133

🇳🇱 45.148.10.157

🇭🇰 45.142.154.87