JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.138.102.196

159.138.102.196 was found in our database!

This IP was reported 288 times. Confidence of Abuse is 19%: ?

19%

ISP	Huawei-Cloud-SG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Hostname(s)	ecs-159-138-102-196.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.138.102.196

Whois 159.138.102.196

IP Abuse Reports for 159.138.102.196:

This IP address has been reported a total of 288 times from 151 distinct sources. 159.138.102.196 was first reported on November 20th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 1gz	2026-06-15 04:14:33 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /author/ebodini/page/77/ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇱🇻 garmtech.com	2026-06-10 03:13:34 (2 weeks ago)	IM360 WAF: Interaction with fake plugin MV:/wp-content/plugins/easy-themes-manager/script.js	Web App Attack
🇫🇷 Sklurk	2026-06-08 10:40:21 (2 weeks ago)	Web App Attack	Web App Attack
🇨🇳 ThreatBook.io	2026-03-03 00:55:43 (3 months ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/159.138.102.196	SSH
🇺🇸 bigscoots.com	2026-03-02 03:57:44 (3 months ago)	159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns.com), 5 distributed sshd atta ... show more 159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns.com), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Mar 1 21:55:53 18125 sshd[7252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 1 21:55:54 18125 sshd[7252]: Failed password for root from 159.138.102.196 port 54488 ssh2 Mar 1 21:56:46 18125 sshd[7399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.46.197.92 user=root Mar 1 21:56:48 18125 sshd[7399]: Failed password for root from 113.46.197.92 port 48660 ssh2 Mar 1 21:57:34 18125 sshd[7531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.182.80.179 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇩🇪 ShieldNet Security	2026-03-02 03:36:43 (3 months ago)	SSH brute-force attempt detected from IP 159.138.102.196: 2026-03-02T03:29:00.843181+00:00 [redacted ... show more SSH brute-force attempt detected from IP 159.138.102.196: 2026-03-02T03:29:00.843181+00:00 [redacted-hostname] sshd[1792522]: Failed password for invalid user root from 159.138.102.196 port 44082 ssh2 on 1772422602. show less	Port Scan Brute-Force SSH
🇫🇷 Asaman	2026-03-02 03:34:09 (3 months ago)	2026-03-02T04:28:29.868420+01:00 aligw01.aneirin.net sshd-session[3983]: Failed password for root fr ... show more 2026-03-02T04:28:29.868420+01:00 aligw01.aneirin.net sshd-session[3983]: Failed password for root from 159.138.102.196 port 40312 ssh2 2026-03-02T04:28:30.967637+01:00 aligw01.aneirin.net sshd-session[3983]: Disconnected from authenticating user root 159.138.102.196 port 40312 [preauth] 2026-03-02T04:34:09.321713+01:00 aligw01.aneirin.net sshd-session[4006]: Failed password for root from 159.138.102.196 port 59994 ssh2 ... show less	Brute-Force SSH
🇬🇧 Dario MB	2026-03-02 03:13:06 (3 months ago)	Mar 2 03:08:12 vmi1756752 sshd[1329445]: Failed password for root from 159.138.102.196 port 55814 s ... show more Mar 2 03:08:12 vmi1756752 sshd[1329445]: Failed password for root from 159.138.102.196 port 55814 ssh2 Mar 2 03:10:39 vmi1756752 sshd[1330401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 2 03:10:42 vmi1756752 sshd[1330401]: Failed password for root from 159.138.102.196 port 43578 ssh2 Mar 2 03:13:03 vmi1756752 sshd[1331362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 2 03:13:05 vmi1756752 sshd[1331362]: Failed password for root from 159.138.102.196 port 59568 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-03-02 03:07:26 (3 months ago)	Fail2Ban detection - brute-force attempt (jail: sshd)	Brute-Force
🇯🇵 paradoxnetworks	2026-03-02 03:06:48 (3 months ago)	2026-03-02T03:04:28.332563+00:00 edge-tyo-con01.int.pdx.net.uk sshd[365646]: Failed password for roo ... show more 2026-03-02T03:04:28.332563+00:00 edge-tyo-con01.int.pdx.net.uk sshd[365646]: Failed password for root from 159.138.102.196 port 53038 ssh2 2026-03-02T03:06:45.951059+00:00 edge-tyo-con01.int.pdx.net.uk sshd[365830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root 2026-03-02T03:06:47.808260+00:00 edge-tyo-con01.int.pdx.net.uk sshd[365830]: Failed password for root from 159.138.102.196 port 40752 ssh2 ... show less	Brute-Force SSH
🇫🇷 kleine babykatze	2026-03-02 02:38:06 (3 months ago)	2026-03-02T03:35:37.155539+01:00 vmd172806 sshd[329370]: Failed password for root from 159.138.102.1 ... show more 2026-03-02T03:35:37.155539+01:00 vmd172806 sshd[329370]: Failed password for root from 159.138.102.196 port 52832 ssh2 2026-03-02T03:38:02.897166+01:00 vmd172806 sshd[330079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root 2026-03-02T03:38:05.215442+01:00 vmd172806 sshd[330079]: Failed password for root from 159.138.102.196 port 40572 ssh2 ... show less	Brute-Force SSH FTP Brute-Force
🇺🇸 bigscoots.com	2026-03-02 02:33:22 (3 months ago)	159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns.com), 5 distributed sshd atta ... show more 159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns.com), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Mar 1 20:32:47 14098 sshd[16965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 1 20:32:49 14098 sshd[16965]: Failed password for root from 159.138.102.196 port 53408 ssh2 Mar 1 20:32:50 14098 sshd[16967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.26.96 user=root Mar 1 20:32:52 14098 sshd[16967]: Failed password for root from 51.178.26.96 port 44390 ssh2 Mar 1 20:33:14 14098 sshd[17030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.138.175.113 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇩🇪 Phenix Info	2026-03-02 02:05:09 (3 months ago)	SSH Login failed	SSH
🇫🇮 pr0vieh	2026-03-02 01:54:21 (3 months ago)	2026-03-02T01:44:45.141854+00:00 Linux15 sshd-session[2743558]: pam_unix(sshd:auth): authentication ... show more 2026-03-02T01:44:45.141854+00:00 Linux15 sshd-session[2743558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root 2026-03-02T01:44:47.110767+00:00 Linux15 sshd-session[2743558]: Failed password for root from 159.138.102.196 port 37160 ssh2 2026-03-02T01:47:10.278027+00:00 Linux15 sshd-session[2762788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root 2026-03-02T01:47:12.712111+00:00 Linux15 sshd-session[2762788]: Failed password for root from 159.138.102.196 port 54362 ssh2 2026-03-02T01:49:31.200267+00:00 Linux15 sshd-session[2779701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root 2026-03-02T01:49:33.239084+00:00 Linux15 sshd-session[2779701]: Failed password for root from 159.138.102.196 port 42868 ssh2 2026-03-02T01:51:51.132405+00:00 Linux15 sshd-session[2798417]: pam_unix(sshd:auth): ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-03-02 01:38:27 (3 months ago)	(sshd) Failed SSH login from 159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns. ... show more (sshd) Failed SSH login from 159.138.102.196 (SG/Singapore/ecs-159-138-102-196.compute.hwclouds-dns.com): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Mar 2 01:30:23 24013 sshd[25643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 2 01:30:25 24013 sshd[25643]: Failed password for root from 159.138.102.196 port 57806 ssh2 Mar 2 01:35:45 24013 sshd[26079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root Mar 2 01:35:47 24013 sshd[26079]: Failed password for root from 159.138.102.196 port 46270 ssh2 Mar 2 01:38:05 24013 sshd[26318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.102.196 user=root show less	Brute-Force SSH

Showing 1 to 15 of 288 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 118.71.20.55

🇺🇸 108.171.104.92

🇺🇸 108.171.102.10

🇫🇷 91.231.89.71

🇨🇳 49.75.185.71

🇨🇳 218.205.34.19

🇩🇪 213.209.159.11

🇧🇪 198.235.24.228

🇺🇸 172.191.178.196

🇮🇩 163.7.3.26

🇩🇪 151.243.11.35

🇺🇸 104.249.167.29

🇺🇸 104.36.176.154

🇻🇳 103.176.24.57

🇫🇷 91.231.89.172

🇺🇸 66.132.186.212

🇮🇶 65.20.158.10

🇺🇸 64.62.197.207

🇨🇳 47.116.68.235

🇸🇨 45.194.67.28