JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 98.159.36.138

98.159.36.138 was found in our database!

This IP was reported 94 times. Confidence of Abuse is 44%: ?

44%

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	logicweb.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 98.159.36.138

Whois 98.159.36.138

IP Abuse Reports for 98.159.36.138:

This IP address has been reported a total of 94 times from 45 distinct sources. 98.159.36.138 was first reported on September 21st 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 gadix	2026-06-13 19:22:01 (1 day ago)	[13/Jun/2026:21:21:59.942377 +0200] ai2t198NFLlrUsIvN83GcQAAAAE 98.159.36.138 55880 127.0.0.1 7080 [ ... show more [13/Jun/2026:21:21:59.942377 +0200] ai2t198NFLlrUsIvN83GcQAAAAE 98.159.36.138 55880 127.0.0.1 7080 [13/Jun/2026:21:21:59.970740 +0200] ai2t1wO3ylt4QmDMBConUAAAAHA 98.159.36.138 55916 127.0.0.1 7080 [13/Jun/2026:21:21:59.970915 +0200] ai2t1ypi-WbJE-R5GbZWGwAAAAA 98.159.36.138 55920 127.0.0.1 7080 ... show less	Web App Attack
🇩🇪 edena	2026-06-13 19:21:02 (1 day ago)	98.159.36.138 - - [13/Jun/2026:21:21:02 +0200] "GET /.env HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Ubuntu ... show more 98.159.36.138 - - [13/Jun/2026:21:21:02 +0200] "GET /.env HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" 98.159.36.138 - - [13/Jun/2026:21:21:02 +0200] "GET /.hermes/.env HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/604.3.5 (KHTML, like Gecko) Version/11.0.1 Safari/604.3.5" 98.159.36.138 - - [13/Jun/2026:21:21:02 +0200] "GET /.env.local HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack Bad Web Bot
🇫🇮 Ticlem	2026-06-13 07:58:08 (1 day ago)	2026-06-13T09:54:11.036066+02:00 clement-turlure kernel: [2343428.094318] [UFW BLOCK] IN=enp0s31f6 O ... show more 2026-06-13T09:54:11.036066+02:00 clement-turlure kernel: [2343428.094318] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=98.159.36.138 DST=95.216.21.136 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20906 PROTO=TCP SPT=31879 DPT=8097 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-13T09:55:49.007438+02:00 clement-turlure kernel: [2343526.066505] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=98.159.36.138 DST=95.216.21.136 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=19301 PROTO=TCP SPT=8254 DPT=8773 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-13T09:58:07.346813+02:00 clement-turlure kernel: [2343664.407054] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=98.159.36.138 DST=95.216.21.136 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55197 PROTO=TCP SPT=55587 DPT=8301 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 ValtonTahiri	2026-06-13 07:49:18 (1 day ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=98.159.36.138; proto=TCP; source_port=35110; target_port=8742; flags=SYN show less	Port Scan
🇫🇷 sbocquet	2026-06-12 05:01:06 (3 days ago)	Port 443 scanned from 98.159.36.138:56640.	Port Scan
🇬🇧 consul.to	2026-05-27 21:13:56 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-05-24 16:30:25 (3 weeks ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇮🇹 VHosting	2026-05-24 13:24:40 (3 weeks ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇬🇧 consul.to	2026-05-19 07:14:37 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 barateza	2026-04-06 19:00:03 (2 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 John Chrys.	2026-04-02 01:55:30 (2 months ago)	Apr 2 03:55:17 loki dovecot: pop3-login: Disconnected: Aborted login by logging out (auth failed, 1 ... show more Apr 2 03:55:17 loki dovecot: pop3-login: Disconnected: Aborted login by logging out (auth failed, 1 attempts in 4 secs): user=<[email protected]>, method=PLAIN, rip=98.159.36.138, lip=139.162.162.70, session=<mVItp29OyJ9inySK> Apr 2 03:55:26 loki dovecot: pop3-login: Disconnected: Connection closed (auth failed, 1 attempts in 9 secs): user=<mediation>, method=PLAIN, rip=98.159.36.138, lip=139.162.162.70, session=<TQRup29OhstinySK> Apr 2 04:55:30 loki dovecot: pop3-login: Disconnected: Aborted login by logging out (auth failed, 1 attempts in 4 secs): user=<[email protected]>, method=PLAIN, rip=98.159.36.138, lip=139.162.162.70, session=<5reDfnBOqIxinySK> ... show less	Brute-Force Email Spam
🇺🇸 xmission.com	2026-03-24 18:15:08 (2 months ago)	Blocked by UFW (TCP on 9050) Source port: 9334 TTL: 117 Packet length: 52 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 9050) Source port: 9334 TTL: 117 Packet length: 52 TOS: 0x00 This report (for 98.159.36.138) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 consul.to	2026-03-24 06:17:25 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-03-20 07:37:44 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-02-15 04:55:55 (4 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 94 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 162.158.168.152

🇨🇳 101.36.228.201

🇱🇹 81.30.98.44

🇮🇱 80.178.89.66

🇳🇱 5.61.209.224

🇳🇱 213.177.179.44

🇸🇬 199.91.100.40

🇧🇴 181.188.187.140

🇨🇳 180.105.9.180

🇧🇷 177.6.162.182

🇺🇸 165.154.255.63

🇦🇺 162.158.39.139

🇦🇺 108.162.249.43

🇦🇺 108.162.249.42

🇹🇼 198.235.24.47

🇹🇳 197.0.83.90

🇦🇺 172.68.210.5

🇺🇸 165.154.206.30

🇦🇺 162.158.168.153

🇦🇺 162.158.39.138