This IP address has been reported a total of
481
times from
110 distinct
sources.
221.131.139.70 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 3900 [1] TCP
Reported by DisPaisy ...
show moreHoneypot [fra-de-honeypot]: Empty payload (likely service probe); 3900 [1] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Automatically generated from firewall_v2 logs on Server_ID: MIAPX1
Category: Port Scan
Occurrences ...
show moreAutomatically generated from firewall_v2 logs on Server_ID: MIAPX1
Category: Port Scan
Occurrences: 20
Unique Ports: 9
Destination Ports:
, 50000, 1522, 7800, 2400, 12700, 6900, 9800, 2822
First Seen:
2026-06-25 16:10 UTC
Last Seen:
2026-07-05 12:15 UTC
show less
Network port/address scan: probed 1 distinct port(s) across 64 host(s); 97% of connections received ...
show moreNetwork port/address scan: probed 1 distinct port(s) across 64 host(s); 97% of connections received no service (SYN, no reply) -- passive network sensor.
show less
[UniFi FW] Inbound network intrusion attempt on port 2444 | Policy: Region Blocking | Proto: TCP | S ...
show more[UniFi FW] Inbound network intrusion attempt on port 2444 | Policy: Region Blocking | Proto: TCP | Src: 221.131.139.70:60002 | SrcRegion: CN | Detected: 2026-07-05 05:23:53 UTC | ISP: China Mobile communications corporation | D2W UniFi AbuseIPDB Reporter v2
show less
[rede-arem1] 07/05/2026-03:43:11.216626, 221.131.139.70, Protocol: 6, ET CINS Active Threat Intellig ...
show more[rede-arem1] 07/05/2026-03:43:11.216626, 221.131.139.70, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 296
show less
Blocked by UFW on Jellyfin [2456/tcp]
Source port: 60002
TTL: 239
Packet length: 44
TOS: 0x08
This ...
show moreBlocked by UFW on Jellyfin [2456/tcp]
Source port: 60002
TTL: 239
Packet length: 44
TOS: 0x08
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Anonymous
2026-07-04T16:03:08.910281+01:00 vps kernel: [44917525.276662] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ...
show more2026-07-04T16:03:08.910281+01:00 vps kernel: [44917525.276662] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=221.131.139.70 DST=54.37.14.118 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=62256 PROTO=TCP SPT=60002 DPT=17200 WINDOW=1024 RES=0x00 SYN URGP=0
...
show less
[rede-arem1] 07/04/2026-08:28:43.667909, 221.131.139.70, Protocol: 6, ET CINS Active Threat Intellig ...
show more[rede-arem1] 07/04/2026-08:28:43.667909, 221.131.139.70, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 296
show less
Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 13800 [1] TCP
Reported by DisPaisy ...
show moreHoneypot [fra-de-honeypot]: Empty payload (likely service probe); 13800 [1] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Port Scan
Showing 1 to
15
of 481 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ