City: Lagos
Region: Lagos
Country: Nigeria
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 165.154.118.192 | attackproxy | Malicious IP / Malware |
2024-04-29 16:13:58 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 165.154.0.0 - 165.154.255.255
CIDR: 165.154.0.0/16
NetName: APNIC
NetHandle: NET-165-154-0-0-1
Parent: NET165 (NET-165-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2021-02-16
Updated: 2021-02-16
Ref: https://rdap.arin.net/registry/ip/165.154.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '165.154.10.0 - 165.154.11.255'
% Abuse contact for '165.154.10.0 - 165.154.11.255' is 'hegui@ucloud.cn'
inetnum: 165.154.10.0 - 165.154.11.255
netname: UCLOUD-NG
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: NG
admin-c: UITH2-AP
tech-c: UITH2-AP
abuse-c: AU164-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
last-modified: 2023-03-09T09:14:01Z
source: APNIC
irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: pn-wan@ucloud.cn
abuse-mailbox: hegui@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: hegui@ucloud.cn was validated on 2025-07-01
remarks: pn-wan@ucloud.cn was validated on 2025-07-01
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-09-04T07:41:27Z
source: APNIC
role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: pn-wan@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: hegui@ucloud.cn was validated on 2025-07-01
remarks: pn-wan@ucloud.cn was validated on 2025-07-01
abuse-mailbox: hegui@ucloud.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-07-01T09:51:21Z
source: APNIC
role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: u-ipnic@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: hegui@ucloud.cn
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC
% Information related to '165.154.11.0/24AS135377'
route: 165.154.11.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
FLAT/RM 603 6/F
LAWS COMMERCIAL PLAZA
788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2021-11-17T03:32:34Z
country: NG
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 165.154.11.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;165.154.11.52. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025100600 1800 900 604800 86400
;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 06 23:02:36 CST 2025
;; MSG SIZE rcvd: 106Host 52.11.154.165.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 52.11.154.165.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 59.145.221.103 | attackspam | Jul 25 00:47:34 eventyay sshd[24391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.145.221.103 Jul 25 00:47:35 eventyay sshd[24391]: Failed password for invalid user api from 59.145.221.103 port 42676 ssh2 Jul 25 00:54:36 eventyay sshd[26094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.145.221.103 ... |
2019-07-25 07:07:46 |
| 74.215.6.150 | attackbots | Automatic report - Port Scan Attack |
2019-07-25 06:25:07 |
| 178.128.183.90 | attackbotsspam | Jul 24 18:36:54 v22018076622670303 sshd\[13633\]: Invalid user athena from 178.128.183.90 port 54180 Jul 24 18:36:54 v22018076622670303 sshd\[13633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.183.90 Jul 24 18:36:56 v22018076622670303 sshd\[13633\]: Failed password for invalid user athena from 178.128.183.90 port 54180 ssh2 ... |
2019-07-25 06:47:53 |
| 139.219.0.173 | attack | Many RDP login attempts detected by IDS script |
2019-07-25 07:02:39 |
| 13.232.74.36 | attack | Automatic report generated by Wazuh |
2019-07-25 06:39:22 |
| 82.64.140.9 | attackspambots | detected by Fail2Ban |
2019-07-25 07:08:46 |
| 37.194.144.2 | attackbots | Splunk® : port scan detected: Jul 24 12:36:29 testbed kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=37.194.144.2 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=40464 PROTO=TCP SPT=29054 DPT=5555 WINDOW=47729 RES=0x00 SYN URGP=0 |
2019-07-25 06:56:33 |
| 180.71.47.198 | attackspam | 2019-07-24T22:48:02.419746abusebot-4.cloudsearch.cf sshd\[6062\]: Invalid user sakai from 180.71.47.198 port 49632 |
2019-07-25 07:03:36 |
| 41.191.101.4 | attackbotsspam | SSH Brute-Force attacks |
2019-07-25 07:07:04 |
| 187.178.147.96 | attackspam | Automatic report - Port Scan Attack |
2019-07-25 06:55:33 |
| 190.10.8.50 | attackspambots | Jul 24 18:35:36 km20725 sshd\[3951\]: Failed password for root from 190.10.8.50 port 54865 ssh2Jul 24 18:35:39 km20725 sshd\[3951\]: Failed password for root from 190.10.8.50 port 54865 ssh2Jul 24 18:35:43 km20725 sshd\[3951\]: Failed password for root from 190.10.8.50 port 54865 ssh2Jul 24 18:35:47 km20725 sshd\[3951\]: Failed password for root from 190.10.8.50 port 54865 ssh2 ... |
2019-07-25 07:09:59 |
| 139.59.9.58 | attack | Jul 24 22:37:42 debian sshd\[28426\]: Invalid user user from 139.59.9.58 port 59504 Jul 24 22:37:42 debian sshd\[28426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.9.58 ... |
2019-07-25 06:26:20 |
| 91.121.220.97 | attackspam | Jul 24 20:07:51 SilenceServices sshd[13859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.220.97 Jul 24 20:07:51 SilenceServices sshd[13862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.220.97 Jul 24 20:07:53 SilenceServices sshd[13859]: Failed password for invalid user condor from 91.121.220.97 port 36566 ssh2 Jul 24 20:07:53 SilenceServices sshd[13862]: Failed password for invalid user condor from 91.121.220.97 port 58222 ssh2 |
2019-07-25 07:05:29 |
| 153.36.236.151 | attack | SSH-BruteForce |
2019-07-25 06:35:01 |
| 188.32.9.154 | attack | SSH invalid-user multiple login attempts |
2019-07-25 06:49:34 |