JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 162.158.253.137

162.158.253.137 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14789
Domain Name	cloudflare.com
Country	🇧🇷 Brazil
City	Belo Horizonte, Minas Gerais

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 162.158.253.137 is an IP address from within our whitelist belonging to the subnet 162.158.0.0/15, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 162.158.253.137

Whois 162.158.253.137

IP Abuse Reports for 162.158.253.137:

This IP address has been reported a total of 16 times from 10 distinct sources. 162.158.253.137 was first reported on November 4th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BIV	2026-06-15 04:10:59 (1 week ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 2053. Automated tiered (T-Pot+DSh ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 2053. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇩🇪 acadeova	2026-06-05 09:04:36 (2 weeks ago)	🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
Anonymous	2026-05-08 04:20:16 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 acadeova	2026-04-20 01:37:36 (2 months ago)	🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇩🇪 acadeova	2026-04-10 12:51:18 (2 months ago)	🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=50 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇺🇸 MPL	2026-04-01 09:57:22 (2 months ago)	tcp/80 (5 or more attempts)	Port Scan
🇩🇪 acadeova	2026-03-24 22:32:37 (2 months ago)	🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=53 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=53 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇧🇷 chronos	2026-03-21 00:31:58 (3 months ago)	2026-03-20 20:49:21 UTC-3\|\|Unauthorized connection attempt detected for port scanning	Port Scan
🇩🇪 acadeova	2026-02-12 18:28:36 (4 months ago)	🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=53 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=162.158.253.137 Observed=TCP dpt=80 in=enp0s6 ttl=53 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇩🇪 alive	2025-12-30 23:05:58 (5 months ago)	Confirmed malicious activity observed via T-Pot honeypot Observed 30 events on port 443 (unknown) fr ... show more Confirmed malicious activity observed via T-Pot honeypot Observed 30 events on port 443 (unknown) from 2025-12-30T23:05:58+00:00 to 2025-12-30T23:07:09.917000+00:00. Sample: {"src_port": 40203, "src_ip": "162.158.253.137", "dest_port": 443} show less	Port Scan
🇺🇸 vdub144	2025-12-14 19:06:42 (6 months ago)	Automated report from Gross Automation security system. \| Attack type: attack_path \| Path: /index.ph ... show more Automated report from Gross Automation security system. \| Attack type: attack_path \| Path: /index.php \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Avast/131.0.0.0 \| Blocked by: nginx-bot-hell show less	Web App Attack
🇹🇼 kk_it_man	2025-06-21 21:41:04 (1 year ago)		Port Scan
🇵🇱 sefinek.net	2024-08-14 21:02:54 (1 year ago)	IP: 162.158.253.137 Protocol: TCP Source port: 50686 Destination port: 443 TTL: 40 Packet length: 40 ... show more IP: 162.158.253.137 Protocol: TCP Source port: 50686 Destination port: 443 TTL: 40 Packet length: 40 TOS: 0x08 Timestamp: Aug 14 23:02:54 (23:02:54, 14.08.2024) The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt. show less	Port Scan Web App Attack
🇵🇱 sefinek.net	2024-08-14 09:47:50 (1 year ago)	IP: 162.158.253.137 Protocol: TCP Source port: 56838 Destination port: 443 TTL: 40 Packet length: 40 ... show more IP: 162.158.253.137 Protocol: TCP Source port: 56838 Destination port: 443 TTL: 40 Packet length: 40 TOS: 0x08 Timestamp: Aug 14 11:47:49 (11:47:49, 14.08.2024) The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt. show less	Port Scan Web App Attack
🇩🇪 Pingger Shikkoken	2023-11-14 07:49:14 (2 years ago)	Participating in DDoS Amplification Attack! Sending 14 requests over 14140s asking for ?0? of apple. ... show more Participating in DDoS Amplification Attack! Sending 14 requests over 14140s asking for ?0? of apple.com, atlassian.com, cisco.com show less	DNS Poisoning DDoS Attack Hacking Brute-Force Exploited Host

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇱 185.23.110.148

🇮🇶 169.224.26.120

🇲🇦 105.66.4.89

🇨🇳 101.201.38.226

🇫🇷 51.68.107.148

🇺🇸 35.139.167.106

🇺🇸 18.190.15.50

🇸🇬 4.194.10.127

🇶🇦 2600:1900:4260:40e::26

🇮🇳 223.185.61.231

🇹🇷 212.174.112.99

🇫🇷 147.93.94.225

🇰🇪 102.216.154.32

🇯🇴 91.186.251.196

🇳🇱 45.148.10.151

🇺🇸 44.220.188.11

🇸🇬 43.173.174.246

🇰🇪 41.90.172.6

🇺🇿 213.230.92.210

🇰🇷 211.253.10.61