JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 59.38.131.149

59.38.131.149 was found in our database!

This IP was reported 219 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 59.38.131.149

Whois 59.38.131.149

IP Abuse Reports for 59.38.131.149:

This IP address has been reported a total of 219 times from 164 distinct sources. 59.38.131.149 was first reported on April 4th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 alph44	2026-06-04 10:01:15 (1 hour ago)	SSH brute force attack detected: 5 failed attempts	Brute-Force
🇩🇪 24-seven.io	2026-06-04 09:59:41 (1 hour ago)	2026-06-04T10:54:39.874781+01:00 cow sshd-session[2940439]: Failed password for invalid user alireza ... show more 2026-06-04T10:54:39.874781+01:00 cow sshd-session[2940439]: Failed password for invalid user alireza from 59.38.131.149 port 41358 ssh2 2026-06-04T10:58:42.034321+01:00 cow sshd-session[2943653]: Invalid user sysadmin from 59.38.131.149 port 49084 2026-06-04T10:58:42.038519+01:00 cow sshd-session[2943653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 2026-06-04T10:58:44.076042+01:00 cow sshd-session[2943653]: Failed password for invalid user sysadmin from 59.38.131.149 port 49084 ssh2 2026-06-04T10:59:40.981689+01:00 cow sshd-session[2944444]: Invalid user harry from 59.38.131.149 port 60834 ... show less	Brute-Force SSH
Anonymous	2026-06-04 07:32:56 (3 hours ago)	Jun 4 10:29:12 38 sshd[2264039]: Invalid user dev from 59.38.131.149 port 46428 Jun 4 10:29:42 38 ... show more Jun 4 10:29:12 38 sshd[2264039]: Invalid user dev from 59.38.131.149 port 46428 Jun 4 10:29:42 38 sshd[2264043]: Invalid user frappe from 59.38.131.149 port 52078 Jun 4 10:30:16 38 sshd[2264060]: Invalid user junior from 59.38.131.149 port 57722 Jun 4 10:30:46 38 sshd[2264063]: Invalid user sambauser from 59.38.131.149 port 35144 Jun 4 10:32:56 38 sshd[2264085]: Invalid user clamav from 59.38.131.149 port 57714 ... show less	Brute-Force SSH
🇨🇭 ScanThe.Net	2026-06-04 07:21:15 (3 hours ago)	ID: 3851198519 \| PORT: 39829 \| https://59-38-131-149.scanthe.net	Port Scan
🇨🇭 ScanThe.Net	2026-06-04 05:53:36 (5 hours ago)	ID: 3849592277 \| PORT: 36036 \| https://59-38-131-149.scanthe.net	Port Scan
🇩🇪 hispasign	2026-06-04 05:40:08 (5 hours ago)	SSH Bruteforce Attempt [node 3]	Brute-Force SSH
🇨🇭 ScanThe.Net	2026-06-04 05:07:15 (6 hours ago)	ID: 3848716695 \| PORT: 8935 \| https://59-38-131-149.scanthe.net	Port Scan
🇩🇪 Richie	2026-06-04 04:21:44 (6 hours ago)	[HOST1] Port Scan detected	Port Scan
🇩🇪 arc21	2026-06-04 02:30:22 (8 hours ago)	2026-06-04T02:27:02.148037+00:00 Dokploy sshd[3570929]: Invalid user infinity from 59.38.131.149 por ... show more 2026-06-04T02:27:02.148037+00:00 Dokploy sshd[3570929]: Invalid user infinity from 59.38.131.149 port 33792 2026-06-04T02:27:36.191314+00:00 Dokploy sshd[3570991]: Invalid user parth from 59.38.131.149 port 42846 2026-06-04T02:28:10.329578+00:00 Dokploy sshd[3571064]: Invalid user vmuser from 59.38.131.149 port 51568 2026-06-04T02:29:50.689775+00:00 Dokploy sshd[3571291]: Invalid user koha from 59.38.131.149 port 50588 2026-06-04T02:30:21.238224+00:00 Dokploy sshd[3571357]: Invalid user gituser from 59.38.131.149 port 58764 ... show less	Brute-Force SSH
🇨🇳 Indexyz	2026-06-04 01:44:33 (9 hours ago)	2026-06-04T09:41:01.567697+08:00 hostname sshd-session[145450]: Invalid user admin from 59.38.131. ... show more 2026-06-04T09:41:01.567697+08:00 hostname sshd-session[145450]: Invalid user admin from 59.38.131.149 port 34508 2026-06-04T09:42:49.864765+08:00 hostname sshd-session[145500]: Connection from 59.38.131.149 port 54742 on 10.89.160.7 port 22 rdomain "" 2026-06-04T09:42:50.105514+08:00 hostname sshd-session[145500]: Invalid user jack from 59.38.131.149 port 54742 2026-06-04T09:44:31.977300+08:00 hostname sshd-session[145590]: Connection from 59.38.131.149 port 46716 on 10.89.160.7 port 22 rdomain "" 2026-06-04T09:44:32.220269+08:00 hostname sshd-session[145590]: Invalid user username from 59.38.131.149 port 46716 show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-06-04 01:40:35 (9 hours ago)	2026-06-04T03:31:14.113860+02:00 router02.wira-gmbh.de sshd[3891584]: Invalid user u1 from 59.38.131 ... show more 2026-06-04T03:31:14.113860+02:00 router02.wira-gmbh.de sshd[3891584]: Invalid user u1 from 59.38.131.149 port 38460 2026-06-04T03:31:14.299763+02:00 router02.wira-gmbh.de sshd[3891584]: Disconnected from invalid user u1 59.38.131.149 port 38460 [preauth] 2026-06-04T03:39:38.693989+02:00 router02.wira-gmbh.de sshd[3893901]: Invalid user user10 from 59.38.131.149 port 53948 2026-06-04T03:39:38.901782+02:00 router02.wira-gmbh.de sshd[3893901]: Disconnected from invalid user user10 59.38.131.149 port 53948 [preauth] 2026-06-04T03:40:35.070799+02:00 router02.wira-gmbh.de sshd[3894390]: Connection closed by 59.38.131.149 port 35844 [preauth] show less	Brute-Force
🇺🇸 COMPLEX	2026-06-04 00:56:35 (10 hours ago)	Banned by Multi Agent · node …mie7 · attempts=5 · SSH brute-force / scan	Brute-Force SSH
🇵🇹 facha	2026-06-04 00:22:32 (10 hours ago)	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-06-03T23:50:00Z and 2026-06- ... show more Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-06-03T23:50:00Z and 2026-06-04T00:22:32Z show less	Brute-Force SSH
🇳🇱 xTom	2026-06-04 00:05:45 (11 hours ago)	2026-06-04T00:00:04.296834+00:00 cdn-nl sshd[280160]: Invalid user ftpuser2 from 59.38.131.149 port ... show more 2026-06-04T00:00:04.296834+00:00 cdn-nl sshd[280160]: Invalid user ftpuser2 from 59.38.131.149 port 41558 2026-06-04T00:04:19.227438+00:00 cdn-nl sshd[280195]: Invalid user howard from 59.38.131.149 port 60964 2026-06-04T00:05:44.510306+00:00 cdn-nl sshd[280214]: Invalid user mcserver from 59.38.131.149 port 48610 ... show less	Brute-Force SSH
Anonymous	2026-06-04 00:01:07 (11 hours ago)	2026-06-04T01:51:03.227971 www.yerkanian.com sshd[818970]: pam_unix(sshd:auth): authentication failu ... show more 2026-06-04T01:51:03.227971 www.yerkanian.com sshd[818970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 2026-06-04T01:51:05.339971 www.yerkanian.com sshd[818970]: Failed password for invalid user fran from 59.38.131.149 port 52322 ssh2 2026-06-04T01:55:21.700887 www.yerkanian.com sshd[818998]: Invalid user user from 59.38.131.149 port 43500 2026-06-04T01:55:21.706792 www.yerkanian.com sshd[818998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 2026-06-04T01:55:23.904162 www.yerkanian.com sshd[818998]: Failed password for invalid user user from 59.38.131.149 port 43500 ssh2 2026-06-04T02:01:01.386415 www.yerkanian.com sshd[819041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 user=root 2026-06-04T02:01:03.593624 www.yerkanian.com sshd[819041]: Failed password for root from 59.38.131.149 port 50552 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 219 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 213.201.70.56

🇰🇭 202.62.53.5

🇬🇧 185.247.137.4

🇺🇸 172.253.7.92

🇩🇪 167.94.146.37

🇸🇬 129.212.239.32

🇮🇳 123.58.203.202

🇺🇸 71.6.233.2

🇺🇸 66.132.172.155

🇺🇸 12.55.211.58

🇺🇸 216.73.163.196

🇪🇨 186.4.240.226

🇨🇳 182.136.89.164

🇺🇸 157.245.169.157

🇮🇳 157.45.253.15

🇺🇸 91.230.168.119

🇨🇦 89.251.0.14

🇸🇬 68.178.160.25

🇭🇰 47.238.159.102

🇺🇸 44.192.144.176