JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.154.163.227

165.154.163.227 was found in our database!

This IP was reported 1,482 times. Confidence of Abuse is 65%: ?

65%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.154.163.227

Whois 165.154.163.227

IP Abuse Reports for 165.154.163.227:

This IP address has been reported a total of 1,482 times from 126 distinct sources. 165.154.163.227 was first reported on January 31st 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 diego	2026-06-20 05:05:20 (6 days ago)	[probe-44-49] 2026-06-20 04:49:20, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-20 04:49:20, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
Anonymous	2026-06-19 15:54:05 (6 days ago)	Reported from Nginx log analysis 19. Log: 165.154.163.227 - - [19/Jun/2026:xx:xx:xx 0200] "GET / HT ... show more Reported from Nginx log analysis 19. Log: 165.154.163.227 - - [19/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36" "-" "US United States Los Angeles" "AS135377" "UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED" show less	Port Scan Brute-Force SSH
🇧🇷 diego	2026-06-18 04:30:20 (1 week ago)	[probe-44-49] 2026-06-18 04:12:35, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-18 04:12:35, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇩🇪 heyzg	2026-06-18 01:06:13 (1 week ago)	HTTP honeypot \| Web Scanning \| 3 HTTP, 2.9m	Bad Web Bot Web App Attack
🇩🇪 fds.io	2026-06-17 00:35:32 (1 week ago)	detected and blocked multiple http 400 bad-request attempts	Bad Web Bot Web App Attack
🇦🇺 FEWA	2026-06-15 07:13:47 (1 week ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇧🇷 diego	2026-06-13 02:25:20 (1 week ago)	[probe-44-49] 2026-06-13 02:08:28, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-13 02:08:28, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇧🇷 diego	2026-06-12 14:53:08 (1 week ago)	[arem1] 2026-06-12 14:36:33, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GE ... show more [arem1] 2026-06-12 14:36:33, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇺🇸 Rayulcifer	2026-06-12 02:10:27 (2 weeks ago)	165.154.163.227 - - [11/Jun/2026:21:10:25 -0500] "\x16\x03\x01\x05\xc4\x01" 400 392 "-" "-" 165.154. ... show more 165.154.163.227 - - [11/Jun/2026:21:10:25 -0500] "\x16\x03\x01\x05\xc4\x01" 400 392 "-" "-" 165.154.163.227 - - [11/Jun/2026:21:10:25 -0500] "\x16\x03\x01" 400 392 "-" "-" 165.154.163.227 - - [11/Jun/2026:21:10:26 -0500] "\x16\x03\x01" 400 392 "-" "-" 165.154.163.227 - - [11/Jun/2026:21:10:26 -0500] "\x16\x03\x01\x05\xc4\x01" 400 392 "-" "-" 165.154.163.227 - - [11/Jun/2026:21:10:26 -0500] "\x16\x03\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇮🇩 PENJAGA.AUM	2026-06-11 21:13:19 (2 weeks ago)	165.154.163.227 - Attack: Possible XSS attack, script tag	Web App Attack SQL Injection Spoofing
🇧🇷 diego	2026-06-11 01:45:20 (2 weeks ago)	[probe-44-49] 2026-06-11 01:17:14, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HT ... show more [probe-44-49] 2026-06-11 01:17:14, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇮🇩 Burayot	2026-06-10 23:21:22 (2 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 165.154.163.227 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 165.154.163.227 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇧🇷 diego	2026-06-09 03:18:07 (2 weeks ago)	[arem1] 2026-06-09 03:01:44, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GE ... show more [arem1] 2026-06-09 03:01:44, Client: 165.154.163.227, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇺🇸 sandra361	2026-06-06 21:51:01 (2 weeks ago)	Port scan detected: 17 attempts across 1 ports (8181). \| Evidence: REAPER_TARPIT:IN=enp1s0 OUT= SRC= ... show more Port scan detected: 17 attempts across 1 ports (8181). \| Evidence: REAPER_TARPIT:IN=enp1s0 OUT= SRC=165.154.163.227 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=34010 DF PROTO=TCP SPT=53182 DPT=8181 WINDOW=64952 RES=0x00 SYN URGP=0 show less	Port Scan
🇮🇳 evicky2002	2026-05-22 13:19:47 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH

Showing 1 to 15 of 1482 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 125.166.118.138

🇹🇳 41.230.60.197

🇧🇷 179.189.85.66

🇺🇸 172.236.96.75

🇺🇸 146.88.241.30

🇺🇸 69.10.63.170

🇳🇱 34.147.121.11

🇺🇸 216.25.89.117

🇬🇧 193.163.201.14

🇩🇪 185.242.3.195

🇩🇪 128.1.123.178

🇳🇱 91.92.40.204

🇨🇳 14.103.112.104

🇩🇪 3.120.207.70

🇺🇸 2607:f8b0:4004:100d::123

🇲🇾 195.86.192.66

🇳🇬 154.118.23.106

🇩🇪 148.251.47.87

🇺🇸 147.185.132.199

🇨🇳 115.56.238.174