JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 150.138.182.189

150.138.182.189 was found in our database!

This IP was reported 198 times. Confidence of Abuse is 59%: ?

59%

ISP	CHINANET SHANDONG PROVINCE NETWORK
Usage Type	Commercial
ASN	AS58541
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Qingdao, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 150.138.182.189

Whois 150.138.182.189

IP Abuse Reports for 150.138.182.189:

This IP address has been reported a total of 198 times from 116 distinct sources. 150.138.182.189 was first reported on February 10th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-05-28 07:33:20 (2 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇨🇳 ThreatBook.io	2026-05-15 00:37:32 (1 month ago)	ThreatBook Intelligence: Scanner,IDC more details on https://threatbook.io/ip/150.138.182.189 2026-0 ... show more ThreatBook Intelligence: Scanner,IDC more details on https://threatbook.io/ip/150.138.182.189 2026-05-14 01:00:21 ["uname -s -m"] 2026-05-14 00:58:11 ["uname -s -m"] show less	SSH
🇦🇺 LiftUp Hosting	2026-05-14 22:46:00 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 40022 [1] TCP	Port Scan
🇺🇸 bigscoots.com	2026-05-14 21:17:39 (1 month ago)	150.138.182.189 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ... show more 150.138.182.189 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 14 21:16:13 24013 sshd[8430]: Failed password for root from 133.167.47.252 port 55052 ssh2 May 14 21:16:11 24013 sshd[8430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.47.252 user=root May 14 21:17:32 24013 sshd[8519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.167.47.252 user=root May 14 20:21:28 24013 sshd[3669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root May 14 20:21:29 24013 sshd[3669]: Failed password for root from 150.138.182.189 port 47244 ssh2 IP Addresses Blocked: 133.167.47.252 (JP/Japan/os3-361-13998.vs.sakura.ne.jp) show less	Brute-Force SSH
Anonymous	2026-05-14 19:39:36 (1 month ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇬🇧 gbzret4d	2026-05-14 17:58:36 (1 month ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 2222 [1] TCP	Port Scan
🇫🇷 pr0vieh	2026-05-14 12:39:25 (1 month ago)	2026-05-14T14:37:57.489530+02:00 Linux05 sshd[47449]: pam_unix(sshd:auth): authentication failure; l ... show more 2026-05-14T14:37:57.489530+02:00 Linux05 sshd[47449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-14T14:37:59.335454+02:00 Linux05 sshd[47449]: Failed password for root from 150.138.182.189 port 44604 ssh2 2026-05-14T14:38:52.453365+02:00 Linux05 sshd[47483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-14T14:38:54.183595+02:00 Linux05 sshd[47483]: Failed password for root from 150.138.182.189 port 54454 ssh2 2026-05-14T14:39:04.230869+02:00 Linux05 sshd[47843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-14T14:39:05.941594+02:00 Linux05 sshd[47843]: Failed password for root from 150.138.182.189 port 43586 ssh2 2026-05-14T14:39:10.669931+02:00 Linux05 sshd[47905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150 ... show less	Brute-Force SSH
🇳🇱 MaasSec	2026-05-14 11:45:15 (1 month ago)	SSH honeypot activity (China): SSH connection probe. Reported by Maassec Honeynet (maassec.nl).	Port Scan SSH
🇩🇪 AS213449.net	2026-05-14 06:35:59 (1 month ago)	05/14/2026-08:35:56.075069 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SS ... show more 05/14/2026-08:35:56.075069 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
🇩🇪 AS213449.net	2026-05-14 06:16:05 (1 month ago)	05/14/2026-08:15:55.044103 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SS ... show more 05/14/2026-08:15:55.044103 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
🇩🇪 AS213449.net	2026-05-14 05:56:44 (1 month ago)	05/14/2026-07:56:41.221786 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SS ... show more 05/14/2026-07:56:41.221786 src=150.138.182.189 dst=89.144.63.101:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-05-13 14:30:27 (1 month ago)	2026-05-13T16:30:04.101321+02:00 router01.bongen-auto.de sshd[680318]: Connection closed by authenti ... show more 2026-05-13T16:30:04.101321+02:00 router01.bongen-auto.de sshd[680318]: Connection closed by authenticating user root 150.138.182.189 port 58584 [preauth] 2026-05-13T16:30:15.097023+02:00 router01.bongen-auto.de sshd[680486]: Invalid user albert from 150.138.182.189 port 34496 2026-05-13T16:30:15.590246+02:00 router01.bongen-auto.de sshd[680486]: Connection closed by invalid user albert 150.138.182.189 port 34496 [preauth] 2026-05-13T16:30:26.996223+02:00 router01.bongen-auto.de sshd[680492]: Invalid user qilong from 150.138.182.189 port 56830 2026-05-13T16:30:27.453430+02:00 router01.bongen-auto.de sshd[680492]: Connection closed by invalid user qilong 150.138.182.189 port 56830 [preauth] show less	Brute-Force
🇩🇪 Justin F. \| AS204464	2026-05-11 17:30:52 (1 month ago)	2026-05-11T19:30:19.579795+02:00 vpn sshd-session[694234]: Failed password for root from 150.138.182 ... show more 2026-05-11T19:30:19.579795+02:00 vpn sshd-session[694234]: Failed password for root from 150.138.182.189 port 32910 ssh2 2026-05-11T19:30:37.750941+02:00 vpn sshd-session[694247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-11T19:30:39.721423+02:00 vpn sshd-session[694247]: Failed password for root from 150.138.182.189 port 36558 ssh2 2026-05-11T19:30:50.150604+02:00 vpn sshd-session[694271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-11T19:30:51.634808+02:00 vpn sshd-session[694271]: Failed password for root from 150.138.182.189 port 39980 ssh2 ... show less	Brute-Force SSH
🇩🇪 nohacefaltapapel-et.net	2026-05-11 07:39:10 (1 month ago)	2026-05-11T09:39:04.243741milloweb sshd[19457]: Failed password for root from 150.138.182.189 port 3 ... show more 2026-05-11T09:39:04.243741milloweb sshd[19457]: Failed password for root from 150.138.182.189 port 34498 ssh2 2026-05-11T09:39:08.065465milloweb sshd[19484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root 2026-05-11T09:39:09.926689milloweb sshd[19484]: Failed password for root from 150.138.182.189 port 37124 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-11 03:24:29 (1 month ago)	(sshd) Failed SSH login from 150.138.182.189 (CN/-/-): 5 in the last 3600 secs; Ports: ; Direction: ... show more (sshd) Failed SSH login from 150.138.182.189 (CN/-/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: May 10 22:23:56 14279 sshd[20063]: Did not receive identification string from 150.138.182.189 port 33522 May 10 22:23:59 14279 sshd[20066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root May 10 22:24:01 14279 sshd[20066]: Failed password for root from 150.138.182.189 port 34058 ssh2 May 10 22:24:05 14279 sshd[20135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.138.182.189 user=root May 10 22:24:07 14279 sshd[20135]: Failed password for root from 150.138.182.189 port 36214 ssh2 show less	Brute-Force SSH

Showing 1 to 15 of 198 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 186.177.88.96

🇵🇱 83.168.107.158

🇰🇷 222.120.176.6

🇸🇬 194.5.82.9

🇮🇳 182.78.240.94

🇷🇺 178.178.194.126

🇧🇩 103.26.136.173

🇺🇸 99.60.18.106

🇳🇱 91.92.40.45

🇮🇹 79.41.105.8

🇩🇪 69.5.169.97

🇱🇹 45.227.254.170

🇧🇷 45.205.1.73

🇵🇰 39.48.181.119

🇬🇪 2.57.217.229

🇸🇬 194.5.82.21

🇷🇺 178.65.206.24

🇩🇪 176.65.132.149

🇩🇪 167.94.146.64

🇮🇳 122.187.235.148