City: Hong Kong
Region: unknown
Country: Hong Kong
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 165.154.0.0 - 165.154.255.255
CIDR: 165.154.0.0/16
NetName: APNIC
NetHandle: NET-165-154-0-0-1
Parent: NET165 (NET-165-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2021-02-16
Updated: 2021-02-16
Ref: https://rdap.arin.net/registry/ip/165.154.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '165.154.125.0 - 165.154.125.255'
% Abuse contact for '165.154.125.0 - 165.154.125.255' is 'hegui@ucloud.cn'
inetnum: 165.154.125.0 - 165.154.125.255
netname: UCLOUD-HK
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: HK
admin-c: UITH2-AP
tech-c: UITH2-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
abuse-c: AU164-AP
last-modified: 2024-08-27T06:20:29Z
source: APNIC
irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: pn-wan@ucloud.cn
abuse-mailbox: hegui@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: hegui@ucloud.cn was validated on 2025-07-01
remarks: pn-wan@ucloud.cn was validated on 2025-07-01
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-09-04T07:41:27Z
source: APNIC
role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: pn-wan@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: hegui@ucloud.cn was validated on 2025-07-01
remarks: pn-wan@ucloud.cn was validated on 2025-07-01
abuse-mailbox: hegui@ucloud.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-07-01T09:51:21Z
source: APNIC
role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: u-ipnic@ucloud.cn
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: hegui@ucloud.cn
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC
% Information related to '165.154.125.0/24AS135377'
route: 165.154.125.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
FLAT/RM 603 6/F
LAWS COMMERCIAL PLAZA
788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2021-04-25T02:45:47Z
source: APNIC
% Information related to '165.154.125.0/24AS21859'
route: 165.154.125.0/24
origin: AS21859
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
FLAT/RM 603 6/F
LAWS COMMERCIAL PLAZA
788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-04-21T07:26:18Z
source: APNIC
% Information related to '165.154.125.0/24AS62610'
route: 165.154.125.0/24
origin: AS62610
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
FLAT/RM 603 6/F
LAWS COMMERCIAL PLAZA
788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-07-28T21:06:45Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 165.154.125.226
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;165.154.125.226. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025091902 1800 900 604800 86400
;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 20 08:00:06 CST 2025
;; MSG SIZE rcvd: 108Host 226.125.154.165.in-addr.arpa not found: 2(SERVFAIL)
server can't find 165.154.125.226.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 103.39.131.52 | attackbots | Sep 23 07:00:15 core sshd[22427]: Invalid user fieu from 103.39.131.52 port 43199 Sep 23 07:00:17 core sshd[22427]: Failed password for invalid user fieu from 103.39.131.52 port 43199 ssh2 ... |
2019-09-23 19:39:02 |
| 194.28.50.23 | attack | Fail2Ban - SSH Bruteforce Attempt |
2019-09-23 19:41:44 |
| 103.38.215.20 | attack | SSH invalid-user multiple login try |
2019-09-23 20:00:35 |
| 187.190.235.43 | attack | ssh intrusion attempt |
2019-09-23 19:34:54 |
| 129.204.52.199 | attack | Honeypot attack, port: 23, PTR: PTR record not found |
2019-09-23 19:57:33 |
| 159.89.153.54 | attack | $f2bV_matches |
2019-09-23 19:30:39 |
| 167.57.124.45 | attackbots | Automatic report - Port Scan Attack |
2019-09-23 19:42:08 |
| 218.92.0.145 | attackspambots | Sep 23 05:50:53 xtremcommunity sshd\[390105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Sep 23 05:50:56 xtremcommunity sshd\[390105\]: Failed password for root from 218.92.0.145 port 17883 ssh2 Sep 23 05:50:58 xtremcommunity sshd\[390105\]: Failed password for root from 218.92.0.145 port 17883 ssh2 Sep 23 05:51:01 xtremcommunity sshd\[390105\]: Failed password for root from 218.92.0.145 port 17883 ssh2 Sep 23 05:51:04 xtremcommunity sshd\[390105\]: Failed password for root from 218.92.0.145 port 17883 ssh2 ... |
2019-09-23 19:51:31 |
| 37.49.231.121 | attack | Scanning random ports - tries to find possible vulnerable services |
2019-09-23 19:41:17 |
| 35.233.101.146 | attackbotsspam | 2019-09-23T10:45:24.739035abusebot-2.cloudsearch.cf sshd\[3938\]: Invalid user kiosk from 35.233.101.146 port 55748 |
2019-09-23 19:34:32 |
| 210.177.54.141 | attackbots | 2019-09-23T11:43:32.010583abusebot-8.cloudsearch.cf sshd\[14468\]: Invalid user m1 from 210.177.54.141 port 43594 2019-09-23T11:43:32.014952abusebot-8.cloudsearch.cf sshd\[14468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.177.54.141 |
2019-09-23 19:49:10 |
| 172.217.4.68 | attackspambots | [DoS Attack: RST Scan] from source: 172.217.14.68, port 443, Sunday, September 22, 2019 08:49:09 |
2019-09-23 20:05:54 |
| 213.133.3.8 | attack | Sep 23 04:18:55 web8 sshd\[16239\]: Invalid user abcd1234 from 213.133.3.8 Sep 23 04:18:55 web8 sshd\[16239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.133.3.8 Sep 23 04:18:57 web8 sshd\[16239\]: Failed password for invalid user abcd1234 from 213.133.3.8 port 40785 ssh2 Sep 23 04:23:18 web8 sshd\[18378\]: Invalid user qwerty123 from 213.133.3.8 Sep 23 04:23:18 web8 sshd\[18378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.133.3.8 |
2019-09-23 19:32:40 |
| 107.175.131.117 | attackspambots | [portscan] tcp/23 [TELNET] *(RWIN=65535)(09231126) |
2019-09-23 19:49:52 |
| 142.252.251.74 | attackspambots | Sep 23 05:48:17 mail kernel: [399870.312453] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=142.252.251.74 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=8888 WINDOW=16384 RES=0x00 SYN URGP=0 Sep 23 05:48:17 mail kernel: [399870.313147] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=142.252.251.74 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=8088 WINDOW=16384 RES=0x00 SYN URGP=0 Sep 23 05:48:17 mail kernel: [399870.314607] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=142.252.251.74 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=8000 WINDOW=16384 RES=0x00 SYN URGP=0 Sep 23 05:48:17 mail kernel: [399870.313147] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=142.252.251.74 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=8088 WINDOW=16384 RES=0x00 SYN URGP=0 Sep |
2019-09-23 20:08:48 |