City: Reston
Region: Virginia
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 165.154.0.0 - 165.154.255.255
CIDR: 165.154.0.0/16
NetName: APNIC
NetHandle: NET-165-154-0-0-1
Parent: NET165 (NET-165-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2021-02-16
Updated: 2021-02-16
Ref: https://rdap.arin.net/registry/ip/165.154.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '165.154.224.0 - 165.154.255.255'
% Abuse contact for '165.154.224.0 - 165.154.255.255' is 'enquiry@scloud.sg'
inetnum: 165.154.224.0 - 165.154.255.255
netname: SCLOUDPTELTD-SG
descr: Scloud Pte Ltd t/a Scloud Pte Ltd
country: SG
org: ORG-SPL64-AP
admin-c: SPLA52-AP
tech-c: SPLA52-AP
status: ALLOCATED PORTABLE
abuse-c: AS3102-AP
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-SCLOUDPTELTD-SG
mnt-routes: MAINT-SCLOUDPTELTD-SG
mnt-irt: IRT-SCLOUDPTELTD-SG
last-modified: 2021-09-14T05:37:01Z
source: APNIC
irt: IRT-SCLOUDPTELTD-SG
address: BLK71 Ayer Rajah Crescent
e-mail: enquiry@scloud.sg
abuse-mailbox: enquiry@scloud.sg
admin-c: SPLA52-AP
tech-c: SPLA52-AP
auth: # Filtered
remarks: enquiry@scloud.sg was validated on 2025-07-01
mnt-by: MAINT-SCLOUDPTELTD-SG
last-modified: 2025-09-04T07:47:47Z
source: APNIC
organisation: ORG-SPL64-AP
org-name: Scloud Pte Ltd
org-type: LIR
country: SG
address: 160 Robinson Rd, SBF Center, # 14-01
phone: +65 65920936
fax-no: +6562920937
e-mail: enquiry@scloud.sg
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:18:26Z
source: APNIC
role: ABUSE SCLOUDPTELTDSG
country: ZZ
address: BLK71 Ayer Rajah Crescent # 05-24/25/26
phone: +000000000
e-mail: enquiry@scloud.sg
admin-c: SPLA52-AP
tech-c: SPLA52-AP
nic-hdl: AS3102-AP
remarks: Generated from irt object IRT-SCLOUDPTELTD-SG
remarks: enquiry@scloud.sg was validated on 2025-07-01
abuse-mailbox: enquiry@scloud.sg
mnt-by: APNIC-ABUSE
last-modified: 2025-07-01T11:09:07Z
source: APNIC
role: Scloud Pte Ltd administrator
address: 160 Robinson Rd, SBF Center, #14-01, Singapore Singapore 068914
country: SG
phone: +65-65920936
e-mail: tech@scloud.sg
admin-c: SPLA52-AP
tech-c: SPLA52-AP
nic-hdl: SPLA52-AP
notify: tech@scloud.sg
mnt-by: MAINT-SCLOUDPTELTD-SG
last-modified: 2021-09-14T05:36:49Z
source: APNIC
% Information related to '165.154.238.0/24AS142002'
route: 165.154.238.0/24
origin: AS142002
descr: Scloud Pte Ltd
160 Robinson Rd, SBF Center, #14-01
mnt-by: MAINT-SCLOUDPTELTD-SG
last-modified: 2021-04-27T02:36:04Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 165.154.238.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51354
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;165.154.238.250. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025102400 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 24 22:17:19 CST 2025
;; MSG SIZE rcvd: 108Host 250.238.154.165.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 250.238.154.165.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.39.12.72 | attackspambots | Unauthorized connection attempt from IP address 190.39.12.72 on Port 445(SMB) |
2020-09-16 23:37:01 |
| 180.158.14.140 | attackbotsspam | Sep 16 03:16:37 www6-3 sshd[31494]: Invalid user www from 180.158.14.140 port 2126 Sep 16 03:16:37 www6-3 sshd[31494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.158.14.140 Sep 16 03:16:39 www6-3 sshd[31494]: Failed password for invalid user www from 180.158.14.140 port 2126 ssh2 Sep 16 03:16:39 www6-3 sshd[31494]: Received disconnect from 180.158.14.140 port 2126:11: Bye Bye [preauth] Sep 16 03:16:39 www6-3 sshd[31494]: Disconnected from 180.158.14.140 port 2126 [preauth] Sep 16 03:19:41 www6-3 sshd[31766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.158.14.140 user=r.r Sep 16 03:19:43 www6-3 sshd[31766]: Failed password for r.r from 180.158.14.140 port 2127 ssh2 Sep 16 03:19:43 www6-3 sshd[31766]: Received disconnect from 180.158.14.140 port 2127:11: Bye Bye [preauth] Sep 16 03:19:43 www6-3 sshd[31766]: Disconnected from 180.158.14.140 port 2127 [preauth] ........ --------------------------------------------- |
2020-09-16 23:32:20 |
| 82.251.198.4 | attackbots | s2.hscode.pl - SSH Attack |
2020-09-16 23:34:36 |
| 177.144.130.198 | attackspam | Unauthorized connection attempt from IP address 177.144.130.198 on Port 445(SMB) |
2020-09-16 23:16:44 |
| 142.93.241.19 | attack | SSH bruteforce |
2020-09-16 23:14:42 |
| 170.130.187.54 | attackbotsspam | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-09-16 23:36:25 |
| 165.22.101.43 | attack | Invalid user adsl from 165.22.101.43 port 49294 |
2020-09-16 23:18:43 |
| 192.99.11.177 | attackbots | 192.99.11.177 - - [16/Sep/2020:16:53:52 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.11.177 - - [16/Sep/2020:16:53:55 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.11.177 - - [16/Sep/2020:16:53:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-16 23:31:48 |
| 120.92.94.94 | attack | Sep 16 13:26:57 plex-server sshd[84720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.94.94 Sep 16 13:26:57 plex-server sshd[84720]: Invalid user nagios from 120.92.94.94 port 25736 Sep 16 13:27:00 plex-server sshd[84720]: Failed password for invalid user nagios from 120.92.94.94 port 25736 ssh2 Sep 16 13:29:58 plex-server sshd[86153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.94.94 user=root Sep 16 13:30:00 plex-server sshd[86153]: Failed password for root from 120.92.94.94 port 57494 ssh2 ... |
2020-09-16 23:08:53 |
| 195.97.75.174 | attack | $f2bV_matches |
2020-09-16 23:47:26 |
| 104.248.160.58 | attackspambots | 2020-09-16T08:17:27.9218681495-001 sshd[59311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.160.58 user=root 2020-09-16T08:17:29.3099111495-001 sshd[59311]: Failed password for root from 104.248.160.58 port 55134 ssh2 2020-09-16T08:19:32.9736871495-001 sshd[59392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.160.58 user=root 2020-09-16T08:19:35.1895351495-001 sshd[59392]: Failed password for root from 104.248.160.58 port 35338 ssh2 2020-09-16T08:21:33.1969671495-001 sshd[59511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.160.58 user=root 2020-09-16T08:21:34.6897791495-001 sshd[59511]: Failed password for root from 104.248.160.58 port 43768 ssh2 ... |
2020-09-16 23:14:09 |
| 208.113.164.202 | attack | <6 unauthorized SSH connections |
2020-09-16 23:41:47 |
| 184.170.212.94 | attack | Failed password for root from 184.170.212.94 port 39784 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.170.212.94.16clouds.com user=root Failed password for root from 184.170.212.94 port 35796 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.170.212.94.16clouds.com user=root Failed password for root from 184.170.212.94 port 47934 ssh2 |
2020-09-16 23:24:28 |
| 118.193.35.172 | attackspam | (sshd) Failed SSH login from 118.193.35.172 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 05:03:10 server sshd[25243]: Invalid user neriishi from 118.193.35.172 port 62872 Sep 16 05:03:11 server sshd[25243]: Failed password for invalid user neriishi from 118.193.35.172 port 62872 ssh2 Sep 16 05:22:02 server sshd[30891]: Invalid user cfaniger from 118.193.35.172 port 10716 Sep 16 05:22:04 server sshd[30891]: Failed password for invalid user cfaniger from 118.193.35.172 port 10716 ssh2 Sep 16 05:27:56 server sshd[32392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.35.172 user=root |
2020-09-16 23:11:51 |
| 142.93.52.3 | attackbots | 142.93.52.3 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 16 07:43:32 server2 sshd[30326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.132.211 user=root Sep 16 07:43:34 server2 sshd[30326]: Failed password for root from 119.28.132.211 port 57056 ssh2 Sep 16 07:43:52 server2 sshd[30379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.217.161 user=root Sep 16 07:43:24 server2 sshd[30269]: Failed password for root from 142.93.52.3 port 60144 ssh2 Sep 16 07:43:19 server2 sshd[30128]: Failed password for root from 119.250.158.217 port 62043 ssh2 Sep 16 07:43:22 server2 sshd[30269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.52.3 user=root IP Addresses Blocked: 119.28.132.211 (HK/Hong Kong/-) 134.175.217.161 (CN/China/-) |
2020-09-16 23:30:14 |