JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.138.135.200

159.138.135.200 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Huawei HongKong Clouds
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Hostname(s)	ecs-159-138-135-200.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.138.135.200

Whois 159.138.135.200

IP Abuse Reports for 159.138.135.200:

This IP address has been reported a total of 7 times from 4 distinct sources. 159.138.135.200 was first reported on February 26th 2026, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-03-03 23:37:19 (3 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-03-03 12:35:02 (3 months ago)	(mod_security) mod_security (id:240950) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hw ... show more (mod_security) mod_security (id:240950) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 07:34:57.828764 2026] [security2:error] [pid 13970:tid 13970] [client 159.138.135.200:33872] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|goldengatecorgis.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldengatecorgis.org"] [uri "/"] [unique_id "aabVccanV13X6FNmQevopwAAAAY"], referer: http://goldengatecorgis.org/?URL=https://substance3d.adobe.com/community-assets/profile/org.adobe.user:D5B122F168E7CA4B0A495C57@AdobeID show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-02 08:15:08 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hw ... show more (mod_security) mod_security (id:210730) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 03:15:02.675847 2026] [security2:error] [pid 21726:tid 21726] [client 159.138.135.200:38450] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cchockeyhistory.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cchockeyhistory.org"] [uri "/players/Thumbs.db"] [unique_id "aaVHBkQlqMUy2H5t7Q87awAAAA8"], referer: http://cchockeyhistory.org/players/Thumbs.db show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-02-28 18:03:16 (3 months ago)	Web App Attack	Web App Attack
Anonymous	2026-02-27 17:22:47 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-26 11:15:13 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hw ... show more (mod_security) mod_security (id:210730) triggered by 159.138.135.200 (ecs-159-138-135-200.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 06:15:08.157026 2026] [security2:error] [pid 14962:tid 14962] [client 159.138.135.200:43650] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.alexgitlin.com\|F\|2"] [data ".thehighwaystar.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.alexgitlin.com"] [uri "/npp/www.thehighwaystar.com"] [unique_id "aaArPIcIFOaj86_8fTPqMwAAAAs"], referer: https://www.alexgitlin.com/npp/www.thehighwaystar.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 adnscom.net	2026-02-26 09:47:37 (3 months ago)	IPS trigger: Brute force WebApp/CMS scanning/attack	Brute-Force Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.188.38.27

🇮🇳 168.144.95.207

🇵🇱 82.40.19.42

🇧🇬 79.124.62.134

🇸🇬 47.245.109.240

🇺🇸 45.63.4.69

🇺🇸 2607:ff10:c8:594::a

🇺🇸 209.250.4.124

🇺🇸 208.84.101.109

🇷🇴 193.32.162.16

🇲🇽 187.190.35.163

🇧🇷 177.71.89.48

🇸🇦 154.205.134.214

🇺🇸 135.222.40.33

🇺🇸 104.233.12.38

🇧🇩 103.179.198.19

🇳🇱 82.39.219.164

🇮🇳 82.24.166.150

🇺🇸 82.24.128.131

🇺🇸 67.227.42.122