JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.221.19.138

154.221.19.138 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 100%: ?

100%

ISP	Yisu Cloud Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS142403
Domain Name	cloudinnovation.org
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.221.19.138

Whois 154.221.19.138

IP Abuse Reports for 154.221.19.138:

This IP address has been reported a total of 174 times from 79 distinct sources. 154.221.19.138 was first reported on June 12th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 centurion	2026-06-21 00:32:06 (1 hour ago)	Blocked by UFW on ns02 [23/tcp] Source port: 57912 TTL: 48 Packet length: 40 TOS: 0x00 This report ... show more Blocked by UFW on ns02 [23/tcp] Source port: 57912 TTL: 48 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇬🇧 gbzret4d	2026-06-21 00:27:55 (1 hour ago)	Honeypot [uk-production01]: Unauthorized connection attempt detected on 22/SSH • Client: SSH-2.0-lib ... show more Honeypot [uk-production01]: Unauthorized connection attempt detected on 22/SSH • Client: SSH-2.0-libssh2_1.11.1 show less	SSH Port Scan
🇩🇪 Admins@FBN	2026-06-20 23:09:28 (2 hours ago)	FW-PortScan: Traffic Blocked srcport=54443 dstport=23	Port Scan
🇦🇹 urnilxfgbez	2026-06-20 22:45:00 (3 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-20 21:40:53 (4 hours ago)	2026-06-20 21:40:53 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 _ArminS_	2026-06-20 21:07:28 (4 hours ago)	SP-Scan 41246:2375 detected 2026.06.20 23:07:28 blocked until 2026.08.09 16:10:15	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-06-20 21:03:40 (4 hours ago)	FortiGate detected IPS attack from IPv4 address 154.221.19.138	Hacking
🇺🇸 MPL	2026-06-20 20:45:31 (5 hours ago)	tcp/22	Port Scan
🇩🇪 anycast_ac	2026-06-20 19:51:12 (5 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: b'admin':b'admin' Family fingerprint: mirai Commands captured: $ echo -e "\x61\x75\x74\x68\x5F\x6F\x6B\x0A" show less	DDoS Attack IoT Targeted Brute-Force
🇺🇸 anon333	2026-06-20 19:33:19 (6 hours ago)	Hacker syslog review 1781983999	Hacking
Anonymous	2026-06-20 18:41:30 (7 hours ago)	SSH brute force attempt. User: admin, Pass: [REDACTED]	Brute-Force SSH
🇩🇪 Lino Project	2026-06-20 14:58:49 (10 hours ago)	CrowdSec abuse IP report (host SRV-2) Scenario: crowdsecurity/http-cve-2021-41773	Hacking
🇺🇸 RAP	2026-06-20 11:14:34 (14 hours ago)	2026-06-20 11:14:34 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇺🇸 MPL	2026-06-20 10:08:04 (15 hours ago)	tcp/23 (2 or more attempts)	Port Scan
🇩🇪 TrickZ0ne	2026-06-20 10:00:14 (15 hours ago)	Failed login attempt for user admin on port unknown, total attempts: 1	Brute-Force

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.232.114.71

🇧🇷 177.200.44.29

🇵🇪 161.132.50.236

🇯🇵 152.32.147.106

🇫🇮 147.185.133.240

🇩🇪 130.12.180.15

🇨🇳 123.160.173.84

🇻🇳 103.82.20.108

🇳🇱 93.123.72.183

🇷🇺 83.171.89.209

🇳🇱 77.83.39.42

🇳🇱 45.148.10.152

🇨🇲 41.204.82.238

🇨🇳 221.12.37.6

🇰🇷 218.157.163.203

🇺🇸 207.46.13.150

🇬🇧 193.163.125.74

🇨🇳 183.224.79.111

🇷🇺 95.108.213.145

🇮🇹 93.92.73.193