JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.239.6.163

154.239.6.163 was found in our database!

This IP was reported 100 times. Confidence of Abuse is 36%: ?

36%

ISP	Nile Online
Usage Type	Fixed Line ISP
ASN	AS36992
Domain Name	nile-online.com
Country	🇪🇬 Egypt
City	Cairo, Cairo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.239.6.163

Whois 154.239.6.163

IP Abuse Reports for 154.239.6.163:

This IP address has been reported a total of 100 times from 39 distinct sources. 154.239.6.163 was first reported on August 30th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇱 spd.co.il	2026-06-07 17:01:18 (1 day ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇮🇱 spd.co.il	2026-06-04 16:04:12 (4 days ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇮🇱 spd.co.il	2026-06-01 16:01:40 (1 week ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇮🇱 spd.co.il	2026-05-29 15:03:50 (1 week ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇮🇱 spd.co.il	2026-05-26 14:06:00 (1 week ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇲🇿 delsio	2026-05-24 07:37:40 (2 weeks ago)	AS37697 ntopng observed inbound attack; alert=Live Flow Malicious Fingerprint; source=154.239.6.163; ... show more AS37697 ntopng observed inbound attack; alert=Live Flow Malicious Fingerprint; source=154.239.6.163; destination=169.255.132.113; destination_port=23; score=20; action=bgp_blackhole_and_flowspec_discard; block_duration=18000s; reason=high-confidence ntopng_blacklisted,alert_name alert=Live Flow Malicious Fingerprint dst=169.255.132.113 port=23 show less	Port Scan Hacking
🇮🇱 spd.co.il	2026-05-23 14:03:19 (2 weeks ago)	Unauthorized access attempts on ports: 23	Brute-Force
🇫🇷 edoram	2026-05-10 22:04:44 (4 weeks ago)	Firewall probe / distributed scan detected by honeypot. 43 connection attempts in 24h.	Port Scan Web App Attack
🇫🇷 edoram	2026-05-09 22:04:39 (4 weeks ago)	Firewall probe / distributed scan detected by honeypot. 48 connection attempts in 24h.	Port Scan Web App Attack
🇩🇪 CELOS-SOC	2026-05-09 20:31:16 (4 weeks ago)	Multiple Unauthorized SSLVPN Login Attempts	Hacking Brute-Force
🇩🇪 NxtGenIT	2026-05-09 17:24:55 (4 weeks ago)	CiscoASA Honeypot hit, Payload: "GET /+CSCOE+/logon.html HTTP/1.1" 302 -,	Brute-Force
🇫🇷 edoram	2026-05-09 16:03:46 (4 weeks ago)	Firewall probe / distributed scan detected by honeypot. 22 connection attempts in 24h.	Port Scan Web App Attack
🇩🇪 NxtGenIT	2026-05-09 15:01:06 (4 weeks ago)	CiscoASA Honeypot hit, Payload: "GET /+CSCOE+/logon.html?fcadbadd=1 HTTP/1.1" 200 -,	Brute-Force
🇩🇪 NxtGenIT	2026-05-09 14:00:42 (4 weeks ago)	CiscoASA Honeypot hit, Payload: "POST /+webvpn+/index.html HTTP/1.1" 200 -,	Brute-Force
🇹🇷 pamircil	2026-05-02 04:01:13 (1 month ago)	🍯 WinnieThePooh Honeypot : Detected Cisco Vuln.: ("GET /+CSCOE+/logon.html HTTP/1.1" 302 -) 💀	DDoS Attack Hacking Web App Attack

Showing 1 to 15 of 100 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.220

🇧🇪 198.235.24.219

🇳🇱 195.178.110.30

🇮🇳 49.36.177.27

🇺🇸 23.234.118.207

🇧🇪 198.235.24.216

🇧🇪 198.235.24.202

🇹🇼 198.235.24.84

🇬🇧 193.163.125.145

🇺🇸 167.71.21.101

🇺🇸 147.185.132.49

🇱🇹 81.30.98.44

🇹🇼 61.224.43.4

🇳🇱 45.198.224.126

🇳🇱 45.128.199.133

🇩🇪 34.185.227.50

🇺🇸 23.234.118.174

🇳🇱 5.255.121.146

🇩🇪 213.209.159.56

🇧🇪 198.235.24.193