This IP address has been reported a total of
66
times from
45 distinct
sources.
149.88.20.199 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
CSF Auto Report: (smtpauth) Failed SMTP AUTH login from 149.88.20.199 (PT/Portugal/unn-149-88-20-199 ...
show moreCSF Auto Report: (smtpauth) Failed SMTP AUTH login from 149.88.20.199 (PT/Portugal/unn-149-88-20-199.datapacket.com): 4 in the last 3600 secs
show less
SSH Brute force: 1 attempts were recorded from 149.88.20.199
2026-06-17T15:48:03+02:00 Invalid user ...
show moreSSH Brute force: 1 attempts were recorded from 149.88.20.199
2026-06-17T15:48:03+02:00 Invalid user music from 149.88.20.199 port 48338
show less
149.88.20.199 (PT/Portugal/unn-149-88-20-199.datapacket.com), 5 distributed sshd attacks on account ...
show more149.88.20.199 (PT/Portugal/unn-149-88-20-199.datapacket.com), 5 distributed sshd attacks on account [music] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 17 08:47:45 14048 sshd[23459]: Invalid user music from 149.88.20.199 port 32986
Jun 17 08:41:21 14048 sshd[20385]: Invalid user music from 113.177.27.200 port 46626
Jun 17 08:41:23 14048 sshd[20385]: Failed password for invalid user music from 113.177.27.200 port 46626 ssh2
Jun 17 07:48:00 14048 sshd[25974]: Invalid user music from 117.72.154.73 port 42050
Jun 17 07:48:03 14048 sshd[25974]: Failed password for invalid user music from 117.72.154.73 port 42050 ssh2
IP Addresses Blocked:
show less
2026-06-17T16:47:35.121725+03:00 nexus6 sshd[1498386]: Invalid user music from 149.88.20.199 port 48 ...
show more2026-06-17T16:47:35.121725+03:00 nexus6 sshd[1498386]: Invalid user music from 149.88.20.199 port 48410
...
show less
149.88.20.199 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale ...
show more149.88.20.199 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale industrial operation attempting unrelenting brute-force login attempts for months on end - between all CIDR ranges in the botnet, our servers receive over 800 authentication attempts per minute on smtp, imap and relative mail ports, as well as ssh, and other protocols.
IP INFO:
- IP 149.88.20.199
- Anycast false
- City N/A
- Region N/A
- Region Code N/A
- Country N/A (N/A)
- Continent N/A (N/A)
- Range N/A
- Provider N/A
- Organisation N/A
- Proxy N/A
- Type N/A
show less
SSH Brute force: 1 attempts were recorded from 149.88.20.199
2026-06-09T12:10:08+02:00 Invalid user ...
show moreSSH Brute force: 1 attempts were recorded from 149.88.20.199
2026-06-09T12:10:08+02:00 Invalid user rollserv from 149.88.20.199 port 45686
show less
2026-06-09T12:08:51.547006+02:00 r2d2 sshd-session[311774]: Invalid user test from 149.88.20.199 por ...
show more2026-06-09T12:08:51.547006+02:00 r2d2 sshd-session[311774]: Invalid user test from 149.88.20.199 port 52158
...
show less
Honeypot [uk-production01]: Brute-force attack detected on 22/SSH
โข Credential used: misuser:misuser ...
show moreHoneypot [uk-production01]: Brute-force attack detected on 22/SSH
โข Credential used: misuser:misuser
โข Number of login attempts: 1
โข Client: SSH-2.0-libssh_0.9.6
show less
SSH
Showing 1 to
15
of 66 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ