JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.154.163.218

165.154.163.218 was found in our database!

This IP was reported 1,509 times. Confidence of Abuse is 55%: ?

55%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.154.163.218

Whois 165.154.163.218

IP Abuse Reports for 165.154.163.218:

This IP address has been reported a total of 1,509 times from 118 distinct sources. 165.154.163.218 was first reported on January 31st 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 SaturdayNightLive	2026-06-20 00:06:10 (1 week ago)	Port scan on 5000	Port Scan Hacking
🇩🇪 Axel	2026-06-18 11:09:16 (1 week ago)	[2026-06-18 11:09:16 UTC] Honeypot Flask connection attempt \| AXFRA HONEYPOT	Web App Attack
🇩🇪 Stefan Dreher	2026-06-16 13:06:55 (1 week ago)	165.154.163.218 - - [16/Jun/2026:15:06:53 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\xE5 \ ... show more 165.154.163.218 - - [16/Jun/2026:15:06:53 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\xE5 \xEE\xAF\x81\x0BE\xEF\x12\xE2\x89h\x14\xF0>Gc\x02\xB8\x11T\xB3\x994\x89SZ\x09\x92^ G \xFA[\x02I\xB9\xB3\xACT\xAC8\xAB\xD5\xBC\xB7Y\xC9" 400 157 "-" "-" 165.154.163.218 - - [16/Jun/2026:15:06:53 +0200] "\x16\x03\x01\x00\xE0\x01\x00\x00\xDC\x03\x03\xEC'@\xEAY5\xAEr\xB7\x1C\xEA\xD0?\xBB-\x09\x855r\xDC:\xC0\x10-Q\xB8V\xCE\xEA\x10I/\x00\x00h\xC0$\x00<\x009\x00\x9E\x00\x11\xC0\x09\x00\x9F\xC0\x12\xCC\xA9\x00" 400 157 "-" "-" 165.154.163.218 - - [16/Jun/2026:15:06:54 +0200] "\x16\x03\x01\x00\xD4\x01\x00\x00\xD0\x03\x03\xDE\xBE\xD4J\x8D\xDA\x92\xF7Lqu\xBD.\xC0\x93\xA2qU\xF2T@\xE8\xCC:@\x07\x00\x03Px\x81A\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" ... show less	Hacking Brute-Force
🇫🇷 ✨	2026-06-15 00:39:15 (1 week ago)	Rule : WEB 2026-06-15 00:37:47 165.154.163.218 38166 5.134.124.44 80 - - - - 400 - Verb -	Port Scan
🇧🇷 diego	2026-06-14 15:08:08 (1 week ago)	[arem1] 2026-06-14 14:53:00, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HTTP: GE ... show more [arem1] 2026-06-14 14:53:00, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇩🇪 anycast_ac	2026-06-14 13:28:32 (1 week ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: $ GET /favicon.ico HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇩🇪 anycast_ac	2026-06-14 13:13:09 (1 week ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: $ GET / HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇧🇷 diego	2026-06-13 02:30:20 (2 weeks ago)	[probe-44-49] 2026-06-13 02:10:26, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-13 02:10:26, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇧🇷 diego	2026-06-11 02:10:20 (2 weeks ago)	[probe-44-49] 2026-06-11 01:53:58, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-11 01:53:58, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇸🇬 drewf.ink	2026-06-11 02:04:48 (2 weeks ago)	[02:04] Port scanning. Port(s) scanned: TCP/8080	Port Scan
🇧🇷 diego	2026-06-11 01:20:20 (2 weeks ago)	[probe-44-49] 2026-06-11 01:04:43, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-11 01:04:43, Client: 165.154.163.218, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇳🇱 donarev419	2026-05-28 02:59:55 (4 weeks ago)	Connection to port 127 with data transfer. Data preview: �	Port Scan Hacking
🇮🇳 evicky2002	2026-05-22 13:19:47 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇦🇺 trentwiles.com	2026-05-17 20:43:58 (1 month ago)	Unauthorized connection attempt detected from IP address 165.154.163.218 to port 8181 [SYD]	Port Scan
🇸🇪 donarev419	2026-05-16 02:17:54 (1 month ago)	Connection to port 8181 with data transfer. Data preview: GET / HTTP/1.1 Host: 51.21.134.169:8181 ... show more Connection to port 8181 with data transfer. Data preview: GET / HTTP/1.1 Host: 51.21.134.169:8181 User-Agent: Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537 show less	Port Scan Hacking

Showing 1 to 15 of 1509 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇬🇧 193.163.125.154

🇰🇷 112.216.129.27

🇵🇪 38.252.213.122

🇺🇸 3.213.184.145

🇺🇸 216.73.125.161

🇦🇺 203.185.198.246

🇨🇳 106.13.182.13

🇸🇪 104.23.221.26

🇺🇸 98.82.121.39

🇳🇱 91.92.241.254

🇺🇸 66.132.224.87

🇺🇸 44.191.49.173

🇩🇪 213.209.159.226

🇲🇾 175.143.29.120

🇫🇷 172.71.134.121

🇺🇸 151.240.45.56

🇺🇸 136.107.33.84

🇵🇱 74.248.17.67

🇺🇸 66.132.186.141