JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.96.202.48

101.96.202.48 was found in our database!

This IP was reported 762 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Volcano Engine Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137718
Domain Name	bytedance.com
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.96.202.48

Whois 101.96.202.48

IP Abuse Reports for 101.96.202.48:

This IP address has been reported a total of 762 times from 330 distinct sources. 101.96.202.48 was first reported on May 5th 2026, and the most recent report was 28 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 kleine babykatze	2026-05-07 15:01:40 (3 weeks ago)	2026-05-07T16:58:17.550161+02:00 vmd177327 sshd[1062995]: pam_unix(sshd:auth): authentication failur ... show more 2026-05-07T16:58:17.550161+02:00 vmd177327 sshd[1062995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root 2026-05-07T16:58:19.145505+02:00 vmd177327 sshd[1062995]: Failed password for root from 101.96.202.48 port 39100 ssh2 2026-05-07T17:01:39.343907+02:00 vmd177327 sshd[1070377]: Invalid user admin from 101.96.202.48 port 39016 ... show less	Brute-Force SSH FTP Brute-Force
🇩🇪 ipcop.net	2026-05-07 14:54:43 (3 weeks ago)	2026-05-07T16:46:18.987739+02:00 guestgw-router01.remscheid.de sshd-session[3486963]: Disconnected f ... show more 2026-05-07T16:46:18.987739+02:00 guestgw-router01.remscheid.de sshd-session[3486963]: Disconnected from authenticating user root 101.96.202.48 port 47080 [preauth] 2026-05-07T16:50:15.141619+02:00 guestgw-router01.remscheid.de sshd-session[3487541]: Disconnected from authenticating user root 101.96.202.48 port 59178 [preauth] 2026-05-07T16:51:07.286398+02:00 guestgw-router01.remscheid.de sshd-session[3487686]: Disconnected from authenticating user root 101.96.202.48 port 33806 [preauth] 2026-05-07T16:52:46.304302+02:00 guestgw-router01.remscheid.de sshd-session[3487925]: Connection closed by 101.96.202.48 port 40032 [preauth] 2026-05-07T16:54:42.454368+02:00 guestgw-router01.remscheid.de sshd-session[3488036]: Connection reset by 101.96.202.48 port 33264 [preauth] show less	Brute-Force
🇺🇸 bigscoots.com	2026-05-07 09:17:55 (3 weeks ago)	101.96.202.48 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 101.96.202.48 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 7 04:11:01 10854 sshd[31853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root May 7 04:11:03 10854 sshd[31853]: Failed password for root from 101.96.202.48 port 46808 ssh2 May 7 04:06:41 10854 sshd[31444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.246.44 user=root May 7 04:06:43 10854 sshd[31444]: Failed password for root from 118.145.246.44 port 41140 ssh2 May 7 04:17:44 10854 sshd[32482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.246.44 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇺🇸 kevinpez	2026-05-07 06:00:19 (3 weeks ago)	Honeypot detection - SSH: 2 attempts	Port Scan SSH
🇺🇸 kamendozaa2024	2026-05-07 05:17:58 (3 weeks ago)	2026-05-07T00:06:06.878385-05:00 srvcarevalo sshd[1048]: pam_unix(sshd:auth): authentication failure ... show more 2026-05-07T00:06:06.878385-05:00 srvcarevalo sshd[1048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 2026-05-07T00:06:09.351348-05:00 srvcarevalo sshd[1048]: Failed password for invalid user erp from 101.96.202.48 port 42428 ssh2 2026-05-07T00:17:44.944660-05:00 srvcarevalo sshd[2264]: Invalid user username from 101.96.202.48 port 35366 ... show less	Brute-Force SSH Port Scan
🇫🇷 mouafiq	2026-05-07 04:43:23 (3 weeks ago)	May 7 06:36:35 vps789833 sshd[795]: Failed password for root from 101.96.202.48 port 36414 ssh2 May ... show more May 7 06:36:35 vps789833 sshd[795]: Failed password for root from 101.96.202.48 port 36414 ssh2 May 7 06:41:59 vps789833 sshd[872]: Failed password for root from 101.96.202.48 port 33372 ssh2 show less	Brute-Force SSH
🇩🇪 nicosqc	2026-05-07 04:19:43 (3 weeks ago)	Invalid user test1 from 101.96.202.48 port 46848	Brute-Force SSH
🇩🇪 nicosqc	2026-05-07 04:19:43 (3 weeks ago)	Invalid user test1 from 101.96.202.48 port 46848	Brute-Force SSH
🇦🇺 aglenday	2026-05-07 03:24:34 (3 weeks ago)	Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: sysadmin:admin123 • Number of ... show more Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: sysadmin:admin123 • Number of login attempts: 1 • Client: SSH-2.0-libssh_0.12.0 show less	SSH
🇩🇪 mygcode.de	2026-05-07 03:16:02 (3 weeks ago)	sshd Bruteforce attack	Brute-Force
Anonymous	2026-05-07 02:35:36 (3 weeks ago)	2026-05-07T02:33:00.317635+00:00 web01.mdo-cloud.net sshd[217964]: Failed password for root from 101 ... show more 2026-05-07T02:33:00.317635+00:00 web01.mdo-cloud.net sshd[217964]: Failed password for root from 101.96.202.48 port 43002 ssh2 2026-05-07T02:34:17.433211+00:00 web01.mdo-cloud.net sshd[217972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root 2026-05-07T02:34:18.731792+00:00 web01.mdo-cloud.net sshd[217972]: Failed password for root from 101.96.202.48 port 51058 ssh2 2026-05-07T02:35:33.902528+00:00 web01.mdo-cloud.net sshd[218001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root 2026-05-07T02:35:35.967786+00:00 web01.mdo-cloud.net sshd[218001]: Failed password for root from 101.96.202.48 port 48590 ssh2 ... show less	Brute-Force SSH Web App Attack FTP Brute-Force Port Scan Hacking
🇫🇷 forhosting	2026-05-07 02:35:30 (3 weeks ago)	2026-05-07T04:32:54.832894 vps773228.ovh.net sshd[24886]: Failed password for root from 101.96.202.4 ... show more 2026-05-07T04:32:54.832894 vps773228.ovh.net sshd[24886]: Failed password for root from 101.96.202.48 port 40850 ssh2 2026-05-07T04:34:12.207508 vps773228.ovh.net sshd[24901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root 2026-05-07T04:34:14.154116 vps773228.ovh.net sshd[24901]: Failed password for root from 101.96.202.48 port 39400 ssh2 2026-05-07T04:35:29.069078 vps773228.ovh.net sshd[24912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root 2026-05-07T04:35:30.252280 vps773228.ovh.net sshd[24912]: Failed password for root from 101.96.202.48 port 48814 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-07 02:31:42 (3 weeks ago)	101.96.202.48 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Port ... show more 101.96.202.48 (CN/China/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 6 21:31:26 14048 sshd[29315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root May 6 21:27:31 14048 sshd[27723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.180.79.132 user=root May 6 21:27:33 14048 sshd[27723]: Failed password for root from 158.180.79.132 port 58898 ssh2 May 6 21:20:08 14048 sshd[24009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.96.202.48 user=root May 6 21:20:11 14048 sshd[24009]: Failed password for root from 101.96.202.48 port 45546 ssh2 IP Addresses Blocked: show less	Brute-Force SSH
Anonymous	2026-05-07 02:19:15 (4 weeks ago)	May 7 04:19:14 sshd-session[10982]: User root from 101.96.202.48 not allowed because not listed in ... show more May 7 04:19:14 sshd-session[10982]: User root from 101.96.202.48 not allowed because not listed in AllowUsers May 7 04:19:15 sshd-session[10982]: Received disconnect from 101.96.202.48 port 44156:11: Bye Bye [preauth] ... show less	Brute-Force SSH
🇩🇪 aorth	2026-05-07 01:40:06 (4 weeks ago)	May 07 03:40:06 Invalid user adminuser from 101.96.202.48 port 40058	Brute-Force SSH

Showing 706 to 720 of 762 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 91.231.89.128

🇷🇴 80.94.95.118

🇩🇪 213.209.159.45

🇲🇽 201.149.53.243

🇧🇪 198.235.24.252

🇧🇷 177.36.214.46

🇺🇸 167.71.95.42

🇺🇸 157.230.63.243

🇩🇪 138.68.108.171

🇺🇸 136.118.192.122

🇮🇳 122.166.223.194

🇺🇸 98.80.4.79

🇫🇷 91.231.89.130

🇺🇸 66.132.186.216

🇳🇱 45.148.10.151

🇺🇸 205.210.31.48

🇬🇧 193.163.125.64

🇧🇼 168.167.228.74

🇨🇳 153.0.124.53

🇩🇪 138.68.66.208