IP Address

103.134.154.55

IPv4 Public
SG SG
AS138608
Cloud Host Pte Ltd
184 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
76% Confidence
184 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
SG
SG Location
Cloud Host Pte Ltd ASN 138608
184 Reports
Honeypot Data Source

Critical Threat

IP 103.134.154.55 is a critical-risk address operated by Cloud Host Pte Ltd in Singapore that has been linked to sustained SSH brute-force attacks, with 184 abuse reports logged by automated honeypot sensors over approximately six months. The IP carries a threat level of 10/10 and a confidence score of 76%, with the overwhelming majority of recent reports categorizing the activity as SSH-related intrusion attempts. Detection systems across 20 separate honeypot sensors have recorded multiple waves of attack traffic, with firewall and intrusion-detection systems flagging repeated sshd brute-force violations. The combination of high report volume, consistent activity spanning November 2025 through May 2026, and a threat level at the maximum scale makes this address a confirmed danger to any exposed SSH service. This is not an isolated incident or a single scanning probe — the pattern reflects deliberate, automated credential-guessing campaigns targeting Secure Shell endpoints.

The evidence base is substantial and consistent with organized attack infrastructure. Automated honeypot sensors detected 19 SSH-focused reports alongside 3 general hacking intrusion attempts and 2 reports indicating the address may itself function as an exploited host platform. Suricata intrusion-detection systems flagged active SSH sessions on expected ports, confirming that the attacking endpoint maintains persistent connections during its brute-force attempts rather than using simple high-volume flooding. Fail2ban systems recorded multiple sshd violation events, indicating that the SSH service was actively rejecting authentication attempts — the attack was in progress rather than successful on those specific targets. The 2/10 activity frequency suggests the attacking campaigns occur in periodic bursts rather than constant traffic, which is typical of credential-stuffing tools that rotate through wordlists. Cloud Host Pte Ltd operates the AS138608 autonomous system, and while the geographic origin is Singapore, the compromised or rented infrastructure pattern is consistent with bulletproof hosting environments used for attack operations.

More threatening than 94% of monitored IPs

Threat Categories

SSH 29
Hacking 3
Exploited Host 2

Technical Details

SSH attacks attempt to gain server access through password guessing or exploitation of SSH vulnerabilities.

Recommended Mitigations

Use key-based authentication, change default ports, implement fail2ban, and disable root login.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over less than a day indicates persistent threat actor operations.

First Observed 20. May 2026
Last Activity 20. May 2026
Recent (7 days) 0 incidents

Reputable Network

This IP is hosted on a network (ASN 138608) with generally good reputation. The ISP Cloud Host Pte Ltd maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 2/10 Very Low
Confidence Score 68% High Confidence

Confidence History

26. Feb 2026 - 20. May 2026
76% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
Exploited Host Honeypot 75%
Hacking SSH Honeypot x2 75%
Hacking Exploited Host SSH Honeypot x3 75%
Hacking SSH Honeypot x2 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot x2 75%
SSH Honeypot 75%
10 of 184 shown

Technical Details

Basic Information

IP Address
103.134.154.55
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
SG SG
ASN
AS138608
ISP
Cloud Host Pte Ltd

DNS Information

Reverse DNS
ip103-134-154-55.cloudhost.web.id
PTR Record
Yes
Connection Type
Dynamic

Statistics

Total Reports
184
First Reported
29 Nov 2025
Last Reported
20 May 2026, 20:23

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS138608
Cloud Host Pte Ltd
ID ID

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

80
Total IPs Monitored
3,275
Total Reports
40.9
Reports per IP

Network Context

This IP address belongs to Cloud Host Pte Ltd (AS138608), which manages 80 IP addresses in our monitoring system. Out of these, 3,275 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

94 %

Global Threat Ranking

This IP is more threatening than 94% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,762 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 184 avg: 23 ++

Network Comparison

Compared against 88 IPs in ASN 138608

Threat Level 10/10 network avg: 8.1 +
Total Reports 184 network avg: 41 ++
Network Cloud Host Pte Ltd has overall threat level 2/10

Geographic Comparison

Compared against 6,479 IPs in SG

Threat Level 10/10 country avg: 5.7 ++
Total Reports 184 country avg: 12 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,378 threat incidents tracked globally • Last 24h: 18,990 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,468 20.5%
  2. 02
    IN
    India IN
    29,138 15.6%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG THIS IP
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
103.187.146.33 10/10
Confidence 100%
Reports 20
Location ID ID
28 May 2026
103.189.234.69 8/10
Confidence 98%
Reports 445
Location ID ID
23 Feb 2026
103.134.154.119 10/10
Confidence 98%
Reports 17
Location SG SG
26 May 2026
103.187.146.131 10/10
Confidence 98%
Reports 13
Location ID ID
7 Jun 2026
103.189.235.88 8/10
Confidence 97%
Reports 91
Location ID ID
1 Mar 2026
103.187.147.24 8/10
Confidence 97%
Reports 88
Location ID ID
1 Mar 2026
103.250.11.178 8/10
Confidence 97%
Reports 43
Location ID ID
28 Feb 2026
103.189.234.49 8/10
Confidence 97%
Reports 38
Location ID ID
26 Feb 2026
103.13.206.218 8/10
Confidence 97%
Reports 21
Location ID ID
24 Feb 2026
103.250.11.116 10/10
Confidence 96%
Reports 85
Location ID ID
9 Jun 2026
103.189.235.93 10/10
Confidence 95%
Reports 49
Location ID ID
23 May 2026
103.187.146.107 10/10
Confidence 94%
Reports 101
Location ID ID
8 Jun 2026
103.189.234.85 10/10
Confidence 94%
Reports 85
Location ID ID
28 May 2026
103.134.154.138 10/10
Confidence 94%
Reports 24
Location SG SG
26 May 2026
103.187.147.165 8/10
Confidence 93%
Reports 78
Location ID ID
3 Jun 2026
103.189.235.33 10/10
Confidence 93%
Reports 65
Location ID ID
21 Apr 2026
103.187.146.90 8/10
Confidence 93%
Reports 22
Location ID ID
8 Jun 2026
103.250.11.156 10/10
Confidence 92%
Reports 112
Location ID ID
9 Jun 2026
103.189.234.9 8/10
Confidence 92%
Reports 15
Location ID ID
29 May 2026
103.250.10.115 8/10
Confidence 91%
Reports 14
Location ID ID
25 Feb 2026

IPs from the same subnet range, likely same network segment.

5 Related IPs
9.6/10 Avg Threat
82% Avg Confidence
5 High Threat
High-risk network: Majority of related IPs are flagged
103.134.154.119 10/10
Confidence 98%
Reports 17
Location SG SG
26 May 2026
103.134.154.138 10/10
Confidence 94%
Reports 24
Location SG SG
26 May 2026
103.134.154.36 10/10
Confidence 85%
Reports 20
Location SG SG
25 May 2026
103.134.154.79 10/10
Confidence 81%
Reports 19
Location SG SG
7 Apr 2026
103.134.154.157 8/10
Confidence 51%
Reports 9
Location SG SG
12 Mar 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
74.91.224.220 8/10
Confidence 100%
Reports 490
ISP Oracle Corporation
4 Jun 2026
20.153.140.50 8/10
Confidence 100%
Reports 49
ISP Microsoft Corpo...
9 Jun 2026
15.235.211.211 8/10
Confidence 100%
Reports 42
ISP OVH SAS
7 May 2026
45.78.201.248 8/10
Confidence 100%
Reports 42
ISP Byteplus Pte. Ltd.
30 Mar 2026
161.118.210.105 8/10
Confidence 100%
Reports 32
ISP Oracle Corporation
8 Jun 2026
161.118.200.79 8/10
Confidence 100%
Reports 29
ISP Oracle Corporation
9 Jun 2026
134.185.83.159 8/10
Confidence 100%
Reports 26
ISP Oracle Corporation
25 May 2026
213.35.123.95 8/10
Confidence 100%
Reports 25
ISP Oracle Corporation
7 Jun 2026
20.24.137.18 8/10
Confidence 100%
Reports 20
ISP Microsoft Corpo...
29 Apr 2026
161.118.203.255 8/10
Confidence 100%
Reports 19
ISP Oracle Corporation
8 Jun 2026
213.35.122.50 8/10
Confidence 100%
Reports 18
ISP Oracle Corporation
9 Jun 2026
51.79.254.190 8/10
Confidence 100%
Reports 17
ISP OVH SAS
8 Jun 2026
140.245.46.165 10/10
Confidence 100%
Reports 17
ISP Oracle Corporation
1 Jun 2026
128.1.38.169 8/10
Confidence 99%
Reports 102
ISP UCLOUD INFORMAT...
25 Apr 2026
43.160.200.19 10/10
Confidence 99%
Reports 79
ISP Tencent Buildin...
26 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.3/10 Avg Threat
76% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
186.96.145.241 10/10
Confidence 76%
Reports 25,454
Location MX MX
9 Jun 2026
207.90.244.10 8/10
Confidence 76%
Reports 21,411
Location US US
9 Jun 2026
159.89.124.112 8/10
Confidence 76%
Reports 12,044
Location CA CA
9 Jun 2026
185.156.73.166 7/10
Confidence 76%
Reports 2,518
Location UA UA
3 Apr 2026
194.107.115.199 10/10
Confidence 76%
Reports 1,957
Location UZ UZ
8 Jun 2026
80.94.92.68 10/10
Confidence 76%
Reports 1,485
Location RO RO
21 Mar 2026
184.105.247.194 8/10
Confidence 76%
Reports 1,352
Location US US
8 Jun 2026
71.6.135.131 8/10
Confidence 76%
Reports 866
Location US US
8 Jun 2026
216.126.229.7 10/10
Confidence 76%
Reports 856
Location DE DE
30 Nov 2025
45.156.87.211 10/10
Confidence 76%
Reports 846
Location NL NL
4 Dec 2025
78.153.140.39 10/10
Confidence 76%
Reports 804
Location GB GB
8 Jun 2026
78.153.140.149 10/10
Confidence 76%
Reports 753
Location GB GB
8 Jun 2026
146.70.124.165 10/10
Confidence 76%
Reports 749
Location RO RO
2 Dec 2025
91.224.92.125 10/10
Confidence 76%
Reports 713
Location GB GB
9 Apr 2026
103.86.198.162 10/10
Confidence 76%
Reports 683
Location BD BD
2 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "103.134.154.55",
    "threat_level": 10,
    "confidence_score": 76,
    "total_reports": 184,
    "country_code": "SG",
    "isp_name": "Cloud Host Pte Ltd",
    "asn": "138608",
    "first_reported": "2025-11-29 05:21:44",
    "last_reported": "2026-05-20 20:23:05",
    "exported_at": "2026-06-09T11:08:04+02:00",
    "source": "https://reportedip.de/ip/103.134.154.55/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses