JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.28.161.148

119.28.161.148 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 100%: ?

100%

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	tencent.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.28.161.148

Whois 119.28.161.148

IP Abuse Reports for 119.28.161.148:

This IP address has been reported a total of 101 times from 81 distinct sources. 119.28.161.148 was first reported on June 29th 2026, and the most recent report was 44 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 focusnic.com	2026-06-30 12:21:01 (44 minutes ago)	Multiple SSH login attempts from 119.28.161.148 targeting user(s): mysql,root,server1 \| Server Manag ... show more Multiple SSH login attempts from 119.28.161.148 targeting user(s): mysql,root,server1 \| Server Managed by Focusnic show less	Brute-Force SSH
🇩🇪 PieKnu	2026-06-30 12:19:45 (46 minutes ago)	Jun 30 12:15:45 host sshd[1357746]: Failed password for invalid user server1 from 119.28.161.148 por ... show more Jun 30 12:15:45 host sshd[1357746]: Failed password for invalid user server1 from 119.28.161.148 port 36074 ssh2 Jun 30 12:17:49 host sshd[1358428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root Jun 30 12:17:51 host sshd[1358428]: Failed password for root from 119.28.161.148 port 33810 ssh2 Jun 30 12:19:42 host sshd[1358902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=mysql Jun 30 12:19:44 host sshd[1358902]: Failed password for mysql from 119.28.161.148 port 51436 ssh2 ... show less	Brute-Force SSH
🇺🇸 cbz	2026-06-30 11:57:23 (1 hour ago)	2026-06-30T07:41:21.760553-04:00 us-east.cbz.pw sshd[515940]: Failed password for invalid user admin ... show more 2026-06-30T07:41:21.760553-04:00 us-east.cbz.pw sshd[515940]: Failed password for invalid user admin from 119.28.161.148 port 34074 ssh2 2026-06-30T07:43:08.310642-04:00 us-east.cbz.pw sshd[515953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root 2026-06-30T07:43:10.749163-04:00 us-east.cbz.pw sshd[515953]: Failed password for root from 119.28.161.148 port 37728 ssh2 2026-06-30T07:45:00.562898-04:00 us-east.cbz.pw sshd[515966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root 2026-06-30T07:45:02.710318-04:00 us-east.cbz.pw sshd[515966]: Failed password for root from 119.28.161.148 port 38450 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-30 11:41:20 (1 hour ago)	2026-06-30T19:22:42.512684+08:00 kltw-debian sshd[178020]: Disconnected from authenticating user roo ... show more 2026-06-30T19:22:42.512684+08:00 kltw-debian sshd[178020]: Disconnected from authenticating user root 119.28.161.148 port 35406 [preauth] 2026-06-30T19:34:29.879774+08:00 kltw-debian sshd[178111]: Disconnected from authenticating user root 119.28.161.148 port 34838 [preauth] 2026-06-30T19:36:22.040944+08:00 kltw-debian sshd[178130]: Disconnected from authenticating user root 119.28.161.148 port 37940 [preauth] 2026-06-30T19:38:20.307727+08:00 kltw-debian sshd[178146]: Disconnected from authenticating user root 119.28.161.148 port 56822 [preauth] 2026-06-30T19:40:11.667361+08:00 kltw-debian sshd[178169]: Invalid user deploy from 119.28.161.148 port 42602 ... show less	Brute-Force SSH
🇺🇸 cbz	2026-06-30 11:41:15 (1 hour ago)	2026-06-30T07:27:00.584906-04:00 us-east.cbz.pw sshd[515812]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-30T07:27:00.584906-04:00 us-east.cbz.pw sshd[515812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root 2026-06-30T07:27:02.798082-04:00 us-east.cbz.pw sshd[515812]: Failed password for root from 119.28.161.148 port 34376 ssh2 2026-06-30T07:28:52.195248-04:00 us-east.cbz.pw sshd[515830]: Invalid user deploy from 119.28.161.148 port 53786 2026-06-30T07:28:52.198791-04:00 us-east.cbz.pw sshd[515830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 2026-06-30T07:28:54.125167-04:00 us-east.cbz.pw sshd[515830]: Failed password for invalid user deploy from 119.28.161.148 port 53786 ssh2 ... show less	Brute-Force SSH
🇫🇷 JOREL Jean-Charles	2026-06-30 11:38:11 (1 hour ago)	2026-06-30T13:36:17.004020+02:00 fangorn sshd[4025035]: Failed password for root from 119.28.161.148 ... show more 2026-06-30T13:36:17.004020+02:00 fangorn sshd[4025035]: Failed password for root from 119.28.161.148 port 57844 ssh2 2026-06-30T13:38:08.210476+02:00 fangorn sshd[4025246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root 2026-06-30T13:38:10.799344+02:00 fangorn sshd[4025246]: Failed password for root from 119.28.161.148 port 34952 ssh2 ... show less	Brute-Force SSH
🇳🇱 GG UNLUCKI	2026-06-30 10:59:24 (2 hours ago)	Fail2Ban SSH brute-force ban on bebricow.hostes.io. jail=sshd; source=fail2ban; no raw log lines inc ... show more Fail2Ban SSH brute-force ban on bebricow.hostes.io. jail=sshd; source=fail2ban; no raw log lines included. show less	Brute-Force SSH
🇨🇿 ICT KnTl	2026-06-30 10:55:56 (2 hours ago)	2026-06-30T12:44:34.995317+02:00 secure sshd[69570]: User root from 119.28.161.148 not allowed becau ... show more 2026-06-30T12:44:34.995317+02:00 secure sshd[69570]: User root from 119.28.161.148 not allowed because not listed in AllowUsers 2026-06-30T12:53:56.486949+02:00 secure sshd[69603]: User root from 119.28.161.148 not allowed because not listed in AllowUsers 2026-06-30T12:55:56.522290+02:00 secure sshd[69629]: User root from 119.28.161.148 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH
🇺🇸 www.narsol.org	2026-06-30 10:34:10 (2 hours ago)	Jun 30 06:25:15 do1 sshd[3244812]: Disconnected from authenticating user root 119.28.161.148 port 33 ... show more Jun 30 06:25:15 do1 sshd[3244812]: Disconnected from authenticating user root 119.28.161.148 port 33336 [preauth] Jun 30 06:27:29 do1 sshd[3245987]: Disconnected from authenticating user root 119.28.161.148 port 36924 [preauth] Jun 30 06:29:45 do1 sshd[3246812]: Disconnected from authenticating user root 119.28.161.148 port 40252 [preauth] Jun 30 06:31:56 do1 sshd[3249489]: Disconnected from authenticating user root 119.28.161.148 port 47960 [preauth] Jun 30 06:34:09 do1 sshd[3250609]: Disconnected from authenticating user root 119.28.161.148 port 40478 [preauth] ... show less	Brute-Force SSH
🇺🇸 www.narsol.org	2026-06-30 10:14:04 (2 hours ago)	Jun 30 06:07:06 do1 sshd[3230082]: Disconnected from authenticating user root 119.28.161.148 port 39 ... show more Jun 30 06:07:06 do1 sshd[3230082]: Disconnected from authenticating user root 119.28.161.148 port 39540 [preauth] Jun 30 06:09:27 do1 sshd[3231371]: Disconnected from authenticating user root 119.28.161.148 port 58650 [preauth] Jun 30 06:11:48 do1 sshd[3234107]: Disconnected from authenticating user root 119.28.161.148 port 59258 [preauth] Jun 30 06:14:03 do1 sshd[3235181]: Invalid user david from 119.28.161.148 port 38930 Jun 30 06:14:04 do1 sshd[3235181]: Disconnected from invalid user david 119.28.161.148 port 38930 [preauth] ... show less	Brute-Force SSH
🇳🇬 demonsword	2026-06-30 09:50:59 (3 hours ago)	SSH brute-force detected: 19 failed login attempts in the last 1 hour.	Brute-Force SSH
🇩🇪 wlt-blocker	2026-06-30 09:21:34 (3 hours ago)	Attempts to access SSH server with wrong credentials	SSH
🇺🇸 bigscoots.com	2026-06-30 07:56:14 (5 hours ago)	119.28.161.148 (KR/South Korea/-), 5 distributed sshd attacks on account [root] in the last 3600 sec ... show more 119.28.161.148 (KR/South Korea/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 30 02:55:46 17988 sshd[12654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.82.37.177 user=root Jun 30 02:43:02 17988 sshd[7272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.82.37.177 user=root Jun 30 02:43:04 17988 sshd[7272]: Failed password for root from 36.82.37.177 port 59272 ssh2 Jun 30 02:50:30 17988 sshd[10500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.161.148 user=root Jun 30 02:50:32 17988 sshd[10500]: Failed password for root from 119.28.161.148 port 59096 ssh2 IP Addresses Blocked: 36.82.37.177 (ID/Indonesia/-) show less	Brute-Force SSH
🇺🇸 brianbgv	2026-06-30 07:55:42 (5 hours ago)	SSH brute force detected by Fail2Ban	Brute-Force
🇩🇪 Arsh	2026-06-30 06:34:48 (6 hours ago)	2026-06-30T06:26:30.435893+00:00 v2202502255267314709 sshd[3374443]: User root from 119.28.161.148 n ... show more 2026-06-30T06:26:30.435893+00:00 v2202502255267314709 sshd[3374443]: User root from 119.28.161.148 not allowed because not listed in AllowUsers 2026-06-30T06:29:05.892072+00:00 v2202502255267314709 sshd[3380573]: User root from 119.28.161.148 not allowed because not listed in AllowUsers 2026-06-30T06:30:59.147688+00:00 v2202502255267314709 sshd[3385160]: Invalid user testuser from 119.28.161.148 port 33452 2026-06-30T06:32:55.105318+00:00 v2202502255267314709 sshd[3389856]: User root from 119.28.161.148 not allowed because not listed in AllowUsers 2026-06-30T06:34:47.536473+00:00 v2202502255267314709 sshd[3394511]: User root from 119.28.161.148 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.87

🇫🇮 209.85.208.180

🇺🇸 209.85.167.174

🇺🇸 198.2.216.9

🇩🇪 195.63.21.240

🇩🇪 195.63.21.16

🇩🇪 195.63.20.191

🇩🇪 195.63.20.180

🇩🇪 195.63.20.106

🇧🇷 170.238.160.191

🇩🇪 161.35.24.193

🇪🇬 156.202.96.234

🇬🇧 154.16.44.45

🇮🇳 103.248.120.6

🇸🇬 84.75.148.244

🇸🇬 82.38.180.216

🇺🇸 69.40.148.187

🇹🇷 31.58.248.172

🇺🇸 20.127.202.110

🇺🇸 209.85.160.181