JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.165.16.18

194.165.16.18 was found in our database!

This IP was reported 2,215 times. Confidence of Abuse is 74%: ?

74%

ISP	Flyservers S.A.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS48721
Domain Name	flyservers.com
Country	🇱🇹 Lithuania
City	Vilnius, Vilnius

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.165.16.18

Whois 194.165.16.18

IP Abuse Reports for 194.165.16.18:

This IP address has been reported a total of 2,215 times from 152 distinct sources. 194.165.16.18 was first reported on January 13th 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hugopvigo	2026-05-30 20:58:18 (2 weeks ago)	"2026-05-30 20:58:18+00:00 194.165.16.18 IP con score alto (100) detectada en el log."	Brute-Force SSH
🇩🇪 barbarella	2026-05-30 19:19:31 (2 weeks ago)	CVE-2020-0637 Remotedesktop Services Web Access Security Vulnerability (GET /RDWeb/Pages/)	Hacking Web App Attack
🇺🇸 conrad10781	2026-05-30 19:04:54 (2 weeks ago)	nginx-direct-ip	Port Scan
🇺🇸 xxkodedxx	2026-05-30 18:47:54 (2 weeks ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10m window. Origin: LT / AS48721 Flyservers S.A. Active: 18:47:33→18:47:38 UTC Volume: 2 HTTP req Probed: /RDWeb/Pages/ Status mix: 444×2 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇩🇪 ecs.ge	2026-05-30 18:47:14 (2 weeks ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 billybobby	2026-05-30 18:27:34 (2 weeks ago)	Blocked by UFW [443/tcp] \| SPT: 54469 \| TTL: 121 \| LEN: 52 \| TOS: 0x02 • Reported by: github.com/sef ... show more Blocked by UFW [443/tcp] \| SPT: 54469 \| TTL: 121 \| LEN: 52 \| TOS: 0x02 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 kosada.com	2026-05-30 18:01:40 (2 weeks ago)	Web vulnerability probing: /RDWeb/Pages/	Web App Attack
🇪🇸 librebit	2026-05-30 14:59:43 (2 weeks ago)	Brute force	Brute-Force
🇳🇱 soverin	2026-05-30 14:53:12 (2 weeks ago)	Network scan on port 443	Email Spam
Anonymous	2026-05-30 14:33:08 (2 weeks ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 show less	Web App Attack
🇺🇸 GreekCity	2026-05-30 13:28:22 (2 weeks ago)	bad-bot hacking for vulnerable links.	Hacking Exploited Host
🇺🇸 aks4226	2026-05-30 12:52:07 (2 weeks ago)	Attacking common web applications. (n01)	Web App Attack
🇩🇪 manuelisus	2026-05-30 11:29:29 (3 weeks ago)	Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +30: abuseipdb_score_medium, ... show more Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +30: abuseipdb_score_medium, +20: repeat_visitor, +30: subnet_correlation_8_ips show less	Web App Attack Hacking
🇺🇸 LSPCCU	2026-05-30 11:06:39 (3 weeks ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, We ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: cowrie, ssh-telnet. Context: 194. show less	Port Scan Hacking Brute-Force Web App Attack SSH
Anonymous	2026-05-30 10:58:52 (3 weeks ago)	194.165.16.18 - - [30/May/2026:12:58:52 +0200] "GET /RDWeb/Pages/ HTTP/1.1" 402 3403 "-" "Mozilla/5. ... show more 194.165.16.18 - - [30/May/2026:12:58:52 +0200] "GET /RDWeb/Pages/ HTTP/1.1" 402 3403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" ... show less	Web App Attack

Showing 1 to 15 of 2215 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.36

🇩🇪 192.109.200.220

🇸🇬 172.217.44.216

🇩🇪 137.226.198.155

🇺🇦 176.103.2.110

🇮🇳 128.185.219.54

🇺🇸 107.0.200.227

🇮🇳 103.100.7.38

🇧🇬 91.191.209.98

🇺🇸 52.160.224.116

🇹🇷 45.195.231.75

🇺🇦 37.221.157.115

🇰🇷 203.142.160.143

🇩🇪 167.94.145.16

🇱🇹 141.98.11.83

🇮🇩 43.243.142.42

🇰🇷 183.99.228.131

🇺🇸 160.153.176.197

🇺🇸 150.107.38.21

🇳🇱 77.105.138.89