JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.154.147.165

165.154.147.165 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 16%: ?

16%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇲🇾 Malaysia
City	Kuala Lumpur, Kuala Lumpur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.154.147.165

Whois 165.154.147.165

IP Abuse Reports for 165.154.147.165:

This IP address has been reported a total of 95 times from 69 distinct sources. 165.154.147.165 was first reported on February 10th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 phil2k	2026-04-14 20:51:11 (1 month ago)	fail2ban:firewall:2026-04-14T22:20:59.244208+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> ... show more fail2ban:firewall:2026-04-14T22:20:59.244208+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> OUT= MAC=<ANONYMIZED_MAC> SRC=165.154.147.165 DST=<PRIVATE_IPv4> LEN=40 TOS=0x00 PREC=0x00 TTL=231 ID=47934 PROTO=TCP SPT=53326 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 2026-04-14T22:51:10.015510+02:00 <SRV> firewall: filter IN=<ANONYMIZED_INTERFACE> OUT= MAC=<ANONYMIZED_MAC> SRC=165.154.147.165 DST=<ANONYMIZED_IP> LEN=40 TOS=0x00 PREC=0x00 TTL=231 ID=34343 PROTO=TCP SPT=53326 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 show less	DDoS Attack Port Scan Brute-Force
🇦🇺 FEWA	2026-04-14 20:48:29 (1 month ago)	Fail2Ban Ban Triggered	Hacking Brute-Force
🇫🇷 Duggy_Tuxy🧱	2026-04-14 19:28:41 (1 month ago)	[HP01-SRV01-FR] Blocked by SysWarden Firewall (RDP/VNC Attack)	Port Scan Brute-Force
🇯🇵 jay hung	2026-04-14 19:27:54 (1 month ago)	2026-04-14T19:27:48.641122+00:00 quarktech kernel: [2273140.114498] [UFW BLOCK] IN=eth0 OUT= MAC=22: ... show more 2026-04-14T19:27:48.641122+00:00 quarktech kernel: [2273140.114498] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=165.154.147.165 DST=172.237.29.33 LEN=40 TOS=0x00 PREC=0x40 TTL=228 ID=19371 PROTO=TCP SPT=53326 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 wlt-blocker	2026-04-14 19:02:57 (1 month ago)	Illegal port scans	Port Scan
🇫🇷 ✨	2026-04-05 00:02:18 (2 months ago)	Rule : RDP UserAccount : ADMINISTRATOR S-1-0-0 - - 0x0 S-1-0-0 ADMINISTRATOR 0xc000006d %#13 0xc00 ... show more Rule : RDP UserAccount : ADMINISTRATOR S-1-0-0 - - 0x0 S-1-0-0 ADMINISTRATOR 0xc000006d %#13 0xc000006a 3 NtLmSsp NTLM - - - 0 0x0 - 165.154.147.165 0 show less	SSH Brute-Force
Anonymous	2026-04-04 03:41:51 (2 months ago)	Tried our host z.	Port Scan Hacking Exploited Host
Anonymous	2026-04-04 03:41:40 (2 months ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
Anonymous	2026-04-04 03:41:28 (2 months ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇵🇱 sefinek.net	2026-04-04 02:07:50 (2 months ago)	Blocked by UFW on PL02 [3389/tcp] \| SPT: 48019 \| TTL: 231 \| LEN: 40 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on PL02 [3389/tcp] \| SPT: 48019 \| TTL: 231 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇵🇱 derester	2026-04-04 02:00:40 (2 months ago)	Hit MikroTik Honeypot port: 3389 (RDP)	Port Scan Brute-Force
🇩🇪 Lazentis	2026-04-01 13:42:24 (2 months ago)	Unauthorized access attempt to port 3389 (tcp)	Brute-Force SSH
🇫🇷 Coco Bongo	2026-04-01 13:41:35 (2 months ago)	1775050895 - 04/01/2026 15:41:35 Host: 165.154.147.165/165.154.147.165 Port: 3389 TCP Blocked ...	Port Scan
🇩🇪 Mailguard-FRD	2026-04-01 13:39:57 (2 months ago)	1775050796 - 04/01/2026 15:39:56 Host: 165.154.147.165/165.154.147.165 Port: 3389 TCP Blocked ...	Port Scan
🇫🇮 iamxorum	2026-04-01 13:24:10 (2 months ago)	2026-04-01T13:24:09.695373+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-04-01T13:24:09.695373+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=165.154.147.165 DST=46.62.222.43 LEN=40 TOS=0x08 PREC=0x00 TTL=234 ID=62186 PROTO=TCP SPT=46606 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 2600:1f1e:530:6900:e42b:c85e:1610:68ee

🇵🇱 194.180.48.148

🇮🇷 188.0.240.22

🇰🇷 175.209.246.38

🇺🇸 174.176.226.7

🇩🇪 139.19.117.130

🇮🇪 18.201.80.230

🇰🇷 222.98.122.37

🇺🇸 193.3.53.10

🇲🇽 186.96.145.241

🇩🇪 167.94.145.22

🇿🇦 154.73.17.130

🇧🇬 91.92.199.36

🇨🇳 220.197.78.254

🇬🇧 195.140.214.25

🇺🇸 193.202.11.112

🇵🇰 175.107.220.9

🇫🇷 163.5.241.19

🇭🇰 103.206.188.153

🇬🇭 102.223.92.101