JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.10.48.89

157.10.48.89 was found in our database!

This IP was reported 316 times. Confidence of Abuse is 100%: ?

100%

ISP	K-SERVER NETWORK SERVICES COMPANY LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63737
Domain Name	kcloudvn.com
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.10.48.89

Whois 157.10.48.89

IP Abuse Reports for 157.10.48.89:

This IP address has been reported a total of 316 times from 93 distinct sources. 157.10.48.89 was first reported on March 6th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-18 04:08:31 (6 hours ago)	Honeypot hit: MSSQL traffic (on 1433) with username sa and empty password	Brute-Force
🇩🇪 Da_tschek	2026-06-17 19:03:58 (15 hours ago)	Port scanning	Port Scan Hacking
Anonymous	2026-06-17 05:17:28 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 micropedro	2026-06-17 04:31:04 (1 day ago)	3 incidents: malicious activity. First: 2026-06-10 00:05, Last: 2026-06-17 00:31 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-06-10 00:05, Last: 2026-06-17 00:31 UTC. Triggers: ufw-repeater. show less	Port Scan
🇩🇪 Admins@FBN	2026-06-17 04:03:33 (1 day ago)	FW-PortScan: Traffic Blocked srcport=42961 dstport=445	Port Scan
🇫🇷 TheHoneyPotter	2026-06-17 01:33:01 (1 day ago)	Honeypot [fc-honeypot]: MSSQL traffic (on 1433) with username sa and empty password Reported by: htt ... show more Honeypot [fc-honeypot]: MSSQL traffic (on 1433) with username sa and empty password Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Brute-Force
🇺🇸 Bankbook8585	2026-06-16 22:22:28 (1 day ago)	T-Pot honeypot \| Dionaea honeypot: mssqld	Port Scan Hacking
🇩🇪 iNetWorker	2026-06-16 19:51:51 (1 day ago)	firewall-block, port(s): 1433/tcp	Port Scan
🇦🇩 bakunin1848	2026-06-16 19:19:04 (1 day ago)	Firewall IPS Detection on 16-06-2026 at 21:19:04	Port Scan Exploited Host
🇩🇪 D3RP4UL	2026-06-16 06:29:59 (2 days ago)	MSSQL traffic (on 1433) with username sa and empty password	Brute-Force
🇷🇸 Scan	2026-06-16 02:11:30 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇷🇸 Smel	2026-06-16 01:38:03 (2 days ago)	SQL/MH Probe, Scan, Hack -	Port Scan Hacking SQL Injection
🇦🇹 urnilxfgbez	2026-06-15 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇱🇹 NotACaptcha	2026-06-15 13:22:57 (2 days ago)	Unauthorised access (Jun 15 16:22) SRC=157.10.48.89 LEN=40 TTL=236 ID=64390 TCP DPT=445 WINDOW=1024 ... show more Unauthorised access (Jun 15 16:22) SRC=157.10.48.89 LEN=40 TTL=236 ID=64390 TCP DPT=445 WINDOW=1024 SYN show less	Port Scan
🇺🇸 cwytech	2026-06-14 22:30:13 (3 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Hacking

Showing 1 to 15 of 316 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.125

🇫🇷 92.204.55.82

🇺🇸 50.247.189.189

🇸🇬 8.222.240.187

🇳🇱 172.94.9.63

🇺🇸 172.93.106.153

🇺🇸 147.182.225.86

🇭🇰 118.193.34.5

🇰🇷 106.245.246.26

🇨🇳 106.13.109.25

🇳🇬 105.112.219.178

🇿🇦 102.220.87.78

🇨🇳 101.126.85.58

🇨🇦 85.217.149.63

🇳🇱 77.83.39.43

🇸🇬 47.82.14.182

🇸🇬 47.79.10.45

🇴🇲 2001:1670:12:41b7:ab1d:78ed:5852:c79f

🇨🇳 220.181.51.116

🇺🇦 213.227.245.154