JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 59.38.131.149

59.38.131.149 was found in our database!

This IP was reported 221 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 59.38.131.149

Whois 59.38.131.149

IP Abuse Reports for 59.38.131.149:

This IP address has been reported a total of 221 times from 166 distinct sources. 59.38.131.149 was first reported on April 4th 2026, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 dispaisyenterprises	2026-05-31 02:55:18 (4 days ago)	Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 22/SSH Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 22/SSH Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	SSH Port Scan
🇫🇮 Luhte	2026-05-31 01:43:03 (4 days ago)	10 unauthorised SSH/Telnet login attempts between 2026-05-31T01:37:23Z and 2026-05-31T01:43:03Z	Brute-Force SSH
🇩🇪 ghostwarriors	2026-05-31 01:20:02 (4 days ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇩🇪 -SK-	2026-05-31 00:22:54 (4 days ago)	NBG (f2b jail:sshd, abuse	Brute-Force SSH
🇩🇪 ipcop.net	2026-05-30 23:58:17 (4 days ago)	2026-05-31T01:51:08.673839+02:00 mail.srvfarm.net sshd-session[1248039]: Invalid user adminsys from ... show more 2026-05-31T01:51:08.673839+02:00 mail.srvfarm.net sshd-session[1248039]: Invalid user adminsys from 59.38.131.149 port 35558 2026-05-31T01:51:08.924826+02:00 mail.srvfarm.net sshd-session[1248039]: Disconnected from invalid user adminsys 59.38.131.149 port 35558 [preauth] 2026-05-31T01:54:40.069801+02:00 mail.srvfarm.net sshd-session[1249932]: Invalid user raj from 59.38.131.149 port 39700 2026-05-31T01:54:40.292095+02:00 mail.srvfarm.net sshd-session[1249932]: Disconnected from invalid user raj 59.38.131.149 port 39700 [preauth] 2026-05-31T01:58:16.118595+02:00 mail.srvfarm.net sshd-session[1252354]: Invalid user steam from 59.38.131.149 port 51466 show less	Brute-Force
🇮🇩 Konaa	2026-05-30 23:17:32 (4 days ago)	May 31 06:16:48 rapi sshd[2950992]: Invalid user xmr from 59.38.131.149 port 50778 May 31 06:16:48 r ... show more May 31 06:16:48 rapi sshd[2950992]: Invalid user xmr from 59.38.131.149 port 50778 May 31 06:16:48 rapi sshd[2950992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.38.131.149 May 31 06:16:50 rapi sshd[2950992]: Failed password for invalid user xmr from 59.38.131.149 port 50778 ssh2 May 31 06:16:52 rapi sshd[2950992]: Disconnected from invalid user xmr 59.38.131.149 port 50778 [preauth] show less	Brute-Force SSH
🇩🇪 CDiehl	2026-05-30 23:16:33 (4 days ago)	May 31 01:16:31 centrum sshd-session[7011]: Invalid user xmr from 59.38.131.149 port 48738 May 31 01 ... show more May 31 01:16:31 centrum sshd-session[7011]: Invalid user xmr from 59.38.131.149 port 48738 May 31 01:16:32 centrum sshd-session[7011]: Disconnected from invalid user xmr 59.38.131.149 port 48738 [preauth] ... show less	Brute-Force SSH
🇩🇪 formality	2026-05-30 20:51:36 (4 days ago)	Invalid user admin from 59.38.131.149 port 60904	Brute-Force SSH
🇩🇪 mutebefehl	2026-05-30 19:47:42 (4 days ago)	Aggressive SSH attack	Brute-Force SSH
🇺🇸 jfc	2026-05-30 17:57:09 (4 days ago)	2026-05-30T11:40:13.564409-06:00 oracle7 sshd[2480417]: Invalid user user1 from 59.38.131.149 port 5 ... show more 2026-05-30T11:40:13.564409-06:00 oracle7 sshd[2480417]: Invalid user user1 from 59.38.131.149 port 56326 2026-05-30T11:54:04.625382-06:00 oracle7 sshd[2489790]: Invalid user geoserver from 59.38.131.149 port 55502 2026-05-30T11:57:08.697037-06:00 oracle7 sshd[2491792]: Invalid user sms from 59.38.131.149 port 42796 ... show less	Brute-Force SSH
🇩🇪 Michal Piechowski	2026-05-30 17:13:37 (4 days ago)	2026-05-30T19:04:00.152300+02:00 ubuntu-iqw sshd[2642526]: Invalid user smp from 59.38.131.149 port ... show more 2026-05-30T19:04:00.152300+02:00 ubuntu-iqw sshd[2642526]: Invalid user smp from 59.38.131.149 port 39684 2026-05-30T19:04:00.362423+02:00 ubuntu-iqw sshd[2642526]: Disconnected from invalid user smp 59.38.131.149 port 39684 [preauth] 2026-05-30T19:13:36.874056+02:00 ubuntu-iqw sshd[2651527]: Disconnected from authenticating user root 59.38.131.149 port 42536 [preauth] ... show less	Brute-Force SSH
🇩🇪 Viveronese	2026-05-30 16:08:09 (4 days ago)	SSH brute force attacks	Brute-Force SSH
🇨🇿 lp	2026-05-30 13:49:05 (4 days ago)	SSH Brute force: 2 attempts were recorded from 59.38.131.149 2026-05-30T14:32:16+02:00 Disconnected ... show more SSH Brute force: 2 attempts were recorded from 59.38.131.149 2026-05-30T14:32:16+02:00 Disconnected from authenticating user root 59.38.131.149 port 36286 [preauth] 2026-05-30T14:46:53+02:00 Disconnected from authenticating user root 59.38.131.149 port 59928 [preauth] show less	Brute-Force SSH
Anonymous	2026-05-30 12:45:21 (5 days ago)	sshd: Invalid user rahul from 59.38.131.149 port 34528 sshd: Invalid user ubuntu from 59.38.131.149 ... show more sshd: Invalid user rahul from 59.38.131.149 port 34528 sshd: Invalid user ubuntu from 59.38.131.149 port 57490 show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-05-30 12:20:05 (5 days ago)	Unauthorized connection to FTP port 21	FTP Brute-Force Brute-Force

Showing 106 to 120 of 221 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 119.13.78.255

🇨🇳 101.34.249.202

🇩🇪 213.209.159.56

🇪🇬 197.44.15.210

🇫🇷 176.125.224.179

🇩🇪 172.70.246.178

🇺🇸 162.216.149.5

🇵🇰 103.166.103.173

🇺🇸 2604:a880:400:d1:0:4:6c7a:5001

🇺🇸 209.38.70.156

🇺🇸 195.184.76.174

🇨🇴 190.0.63.226

🇳🇱 176.65.139.103

🇺🇸 147.182.247.10

🇵🇭 123.253.136.204

🇨🇳 123.245.84.118

🇱🇹 81.30.98.44

🇭🇰 47.76.137.73

🇸🇬 8.219.85.120

🇯🇵 8.216.0.142