JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 117.89.254.46

117.89.254.46 was found in our database!

This IP was reported 1,336 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET jiangsu province network
Usage Type	Commercial
ASN	AS134756
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 117.89.254.46

Whois 117.89.254.46

IP Abuse Reports for 117.89.254.46:

This IP address has been reported a total of 1,336 times from 553 distinct sources. 117.89.254.46 was first reported on February 17th 2026, and the most recent report was 19 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-26 01:24:56 (1 week ago)	2026-05-25T20:22:50.050005 DDMZLXSFV01 sshd[3602247]: Failed password for root from 117.89.254.46 po ... show more 2026-05-25T20:22:50.050005 DDMZLXSFV01 sshd[3602247]: Failed password for root from 117.89.254.46 port 44102 ssh2 2026-05-25T20:24:53.559605 DDMZLXSFV01 sshd[3602428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root 2026-05-25T20:24:55.635894 DDMZLXSFV01 sshd[3602428]: Failed password for root from 117.89.254.46 port 52940 ssh2 ... show less	Brute-Force SSH
🇩🇪 Panter	2026-05-25 23:52:32 (1 week ago)	Bruteforce detected by fail2ban SSH	Brute-Force SSH
🇦🇹 urnilxfgbez	2026-05-25 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 rscott.us	2026-05-25 20:00:06 (1 week ago)	Brute force SSH login attempts.	Brute-Force SSH
🇪🇸 librebit	2026-05-25 12:40:34 (1 week ago)	Brute force	Brute-Force
🇸🇬 drewf.ink	2026-05-25 11:54:41 (1 week ago)	[11:54] Attempted SSH login on port 2222 with credentials root:------fuck------	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-25 08:31:07 (1 week ago)	117.89.254.46 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 117.89.254.46 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 25 03:17:22 13989 sshd[2412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.17.162.201 user=root May 25 03:17:24 13989 sshd[2412]: Failed password for root from 111.17.162.201 port 50182 ssh2 May 25 03:17:02 13989 sshd[2318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.17.162.201 user=root May 25 03:17:05 13989 sshd[2318]: Failed password for root from 111.17.162.201 port 39024 ssh2 May 25 03:30:48 13989 sshd[3843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root May 25 03:17:51 13989 sshd[2419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.17.162.201 user=root IP Addresses Blocked: 111.17.162.201 (CN/China/-) show less	Brute-Force SSH
Anonymous	2026-05-25 07:50:54 (1 week ago)	2026-05-25T14:50:25.863358 vm01 sshd[153449]: Invalid user user from 117.89.254.46 port 43564 2026-0 ... show more 2026-05-25T14:50:25.863358 vm01 sshd[153449]: Invalid user user from 117.89.254.46 port 43564 2026-05-25T14:50:28.869087 vm01 sshd[153460]: Invalid user user from 117.89.254.46 port 43572 2026-05-25T14:50:30.363954 vm01 sshd[153473]: Invalid user user from 117.89.254.46 port 43574 show less	Brute-Force SSH
🇮🇳 Parth Maniar	2026-05-25 05:57:08 (1 week ago)	This IP address carried out 15 port scanning attempts on 24-05-2026. For more information or to repo ... show more This IP address carried out 15 port scanning attempts on 24-05-2026. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
🇮🇳 Parth Maniar	2026-05-25 05:31:38 (1 week ago)	This IP address carried out 3 SSH credential attack (attempts) on 24-05-2026. For more information o ... show more This IP address carried out 3 SSH credential attack (attempts) on 24-05-2026. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇬🇧 PeravixGroup	2026-05-25 04:45:05 (1 week ago)	Honeypot detection: SSH brute-force authentication attempt on port 22. Severity: MEDIUM. Aaran.cloud	SSH Brute-Force
🇺🇸 bigscoots.com	2026-05-24 23:25:46 (1 week ago)	117.89.254.46 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 117.89.254.46 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 24 18:21:13 14083 sshd[28868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.150.49 user=root May 24 18:21:16 14083 sshd[28868]: Failed password for root from 51.210.150.49 port 38542 ssh2 May 24 18:25:24 14083 sshd[29333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root May 24 18:25:25 14083 sshd[29333]: Failed password for root from 117.89.254.46 port 57408 ssh2 May 24 18:25:27 14083 sshd[29335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root IP Addresses Blocked: 51.210.150.49 (FR/France/n8n.vitis-group.net) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-24 17:17:57 (1 week ago)	117.89.254.46 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 117.89.254.46 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 24 12:12:25 13966 sshd[18622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.241.179 user=root May 24 12:12:27 13966 sshd[18622]: Failed password for root from 186.18.241.179 port 39876 ssh2 May 24 11:50:39 13966 sshd[16244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root May 24 11:50:40 13966 sshd[16244]: Failed password for root from 117.89.254.46 port 56030 ssh2 May 24 12:17:43 13966 sshd[19163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.19.10.21 user=root IP Addresses Blocked: 186.18.241.179 (AR/Argentina/cpe-186-18-241-179.telecentro-reversos.com.ar) show less	Brute-Force SSH
🇩🇪 mueller-nils.com	2026-05-24 16:05:42 (1 week ago)	May 24 18:05:36 [host] sshd[5463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more May 24 18:05:36 [host] sshd[5463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= May 24 18:05:38 [host] sshd[5463]: Failed password for root from 117.89.254.46 port 50278 ssh2 May 24 18:05:39 [host] sshd[5463]: Connection closed by authenticating user root 117.89.254.46 port May 24 18:05:40 [host] sshd[5467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= May 24 18:05:42 [host] sshd[5467]: Failed password for root from 117.89.254.46 port 50286 ssh2 show less	Brute-Force SSH
🇺🇸 RAP	2026-05-24 14:51:09 (1 week ago)	2026-05-24 14:51:09 UTC Unauthorized activity to TCP port 22. SSH	SSH

Showing 166 to 180 of 1336 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.254.212.59

🇹🇼 198.235.24.102

🇧🇷 186.235.186.162

🇯🇵 163.43.18.248

🇫🇷 45.157.112.236

🇫🇷 38.242.232.20

🇺🇸 34.60.85.230

🇺🇸 162.216.150.135

🇻🇳 116.99.173.102

🇸🇬 101.47.27.73

🇱🇹 81.30.98.44

🇧🇬 79.124.62.126

🇫🇷 54.38.241.200

🇺🇸 208.84.100.201

🇧🇷 205.210.31.208

🇺🇸 205.210.31.88

🇧🇴 181.115.147.5

🇧🇷 177.182.253.245

🇲🇾 103.91.67.202

🇨🇦 4.205.28.179