JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.154.173.125

165.154.173.125 was found in our database!

This IP was reported 1,529 times. Confidence of Abuse is 94%: ?

94%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.154.173.125

Whois 165.154.173.125

IP Abuse Reports for 165.154.173.125:

This IP address has been reported a total of 1,529 times from 121 distinct sources. 165.154.173.125 was first reported on January 31st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 liewebs	2026-06-21 07:37:23 (1 day ago)	SYN Flood attack detected - cloud03.liewebs.es	Port Scan DDoS Attack
🇧🇷 diego	2026-06-20 05:25:27 (2 days ago)	[rede-188] 2026-06-20 05:08:05, Client: 165.154.173.125, Protocol: 6, Unauthorized activity to HTTP: ... show more [rede-188] 2026-06-20 05:08:05, Client: 165.154.173.125, Protocol: 6, Unauthorized activity to HTTP: GET / show less	Web App Attack
🇬🇧 OptimusGO	2026-06-20 02:17:01 (3 days ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-20 03:17:01 UTC Log evidence: 165.154.173.125 - - [20/Jun/2026:03:10:42 +0100] "GET / HTTP/1.1" 200 409 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15" 165.154.173.125 - - [20/Jun/2026:03:10:50 +0100] "GET /favicon.ico HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15" 165.154.173.125 - - [20/Jun/2026:03:16:59 +0100] "GET /favicon.ico HTTP/1.1" 404 118 "-" "Go-http-client/1.1" show less	Port Scan Brute-Force
🇸🇬 Starburst SysOp Team	2026-06-19 13:22:36 (3 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot
Anonymous	2026-06-18 18:12:30 (4 days ago)	Honeypot hit: HTTP/1.1 request on 49152 GET / User-Agent: Mozilla/5.0 (SS; Linux i686) AppleWebKit/ ... show more Honeypot hit: HTTP/1.1 request on 49152 GET / User-Agent: Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept-Encoding: gzip; 49152 [6] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇭🇰 sandra361	2026-06-18 12:56:22 (4 days ago)	Port scan detected: 18 attempts across 1 ports (5000). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=165.15 ... show more Port scan detected: 18 attempts across 1 ports (5000). \| Evidence: REAPER_TARPIT: IN=eth0 SRC=165.154.173.125 LEN=60 TOS=0x14 PREC=0x00 TTL=52 ID=10563 DF PROTO=TCP SPT=53180 DPT=5000 WINDOW=64952 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 Bankbook8585	2026-06-18 09:19:57 (4 days ago)	T-Pot honeypot \| Honeytrap: port 1900	Port Scan Hacking
🇺🇸 donarev419	2026-06-18 01:21:56 (5 days ago)	Connection to port 5000 with data transfer. Data preview: GET / HTTP/1.1 Host: 198.23.188.201:5000 ... show more Connection to port 5000 with data transfer. Data preview: GET / HTTP/1.1 Host: 198.23.188.201:5000 User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:1 show less	Port Scan Hacking
🇭🇰 Harold Wong	2026-06-14 10:23:50 (1 week ago)	$f2bV_matches	Brute-Force
🇺🇸 LotPhantom	2026-06-14 10:22:56 (1 week ago)	2026-06-14T10:22:56.342814+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1 ... show more 2026-06-14T10:22:56.342814+00:00 bridginggaps kernel: [UFW BLOCK] IN=eth0 OUT= MAC=2e:bc:64:1d:2c:e1:fe:00:00:00:01:01:08:00 SRC=165.154.173.125 DST=157.230.217.55 LEN=60 TOS=0x08 PREC=0x20 TTL=47 ID=58797 DF PROTO=TCP SPT=55426 DPT=8080 WINDOW=64952 RES=0x00 SYN URGP=0 ... show less	Port Scan Hacking
🇵🇱 sefinek.net	2026-06-13 23:34:58 (1 week ago)	Honeypot hit: HTTP/1.1 request on 8181 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_ ... show more Honeypot hit: HTTP/1.1 request on 8181 GET / User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Safari/604.1 Accept-Encoding: gzip; 8181 [14] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇩🇪 anycast_ac	2026-06-13 13:13:09 (1 week ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: $ GET /favicon.ico HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇩🇪 anycast_ac	2026-06-13 12:56:52 (1 week ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8080 (http). Commands captured: $ GET / HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇫🇷 masterguru	2026-06-13 07:41:53 (1 week ago)	Host header is a numeric IP address. Pattern match "^ (920350-131)	Hacking Bad Web Bot
🇪🇸 Gem	2026-06-13 05:59:38 (1 week ago)	Unauthorized web scan.	Web App Attack

Showing 1 to 15 of 1529 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 213.55.79.195

🇻🇳 183.80.59.193

🇺🇾 179.26.222.8

🇸🇪 171.25.158.47

🇺🇸 164.92.101.37

🇬🇧 162.158.216.5

🇫🇮 147.185.133.140

🇳🇱 91.92.40.151

🇺🇸 68.183.58.131

🇷🇺 45.8.125.225

🇿🇦 41.181.156.205

🇺🇸 18.210.6.154

🇿🇦 197.184.108.106

🇺🇸 159.65.172.40

🇧🇷 138.122.140.200

🇳🇱 91.92.40.5

🇳🇱 77.83.39.94

🇺🇸 66.240.192.138

🇺🇸 64.227.0.95

🇺🇸 64.62.197.162