JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.0.167.225

154.0.167.225 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 75%: ?

75%

ISP	AFRIHOST SP (PTY) LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37611
Hostname(s)	psweb.dedicated.co.za
Domain Name	afrihost.com
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.0.167.225

Whois 154.0.167.225

IP Abuse Reports for 154.0.167.225:

This IP address has been reported a total of 146 times from 64 distinct sources. 154.0.167.225 was first reported on April 23rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-08 13:07:54 (1 day ago)	ICS Labs identified 154.0.167.225 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
Anonymous	2026-06-06 13:46:14 (3 days ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-04 20:29:19 (5 days ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-24 18:08:16 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-17 20:56:39 (3 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-16 04:46:23 (3 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-10 08:14:53 (4 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-05 11:46:14 (1 month ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-01 06:19:48 (1 month ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-04-30 02:46:16 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 dwmp	2026-04-29 03:32:09 (1 month ago)	154.0.167.225 - - [29/Apr/2026:01:48:12 +0200] "POST /wp-login.php HTTP/1.0" 200 7591 "https://www.o ... show more 154.0.167.225 - - [29/Apr/2026:01:48:12 +0200] "POST /wp-login.php HTTP/1.0" 200 7591 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)" 154.0.167.225 - - [29/Apr/2026:02:10:57 +0200] "POST /wp-login.php HTTP/1.0" 200 7593 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; NMTE; rv:11.0) like Gecko" 154.0.167.225 - - [29/Apr/2026:05:32:08 +0200] "POST /wp-login.php HTTP/1.0" 200 7593 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" ... show less	Brute-Force
🇩🇪 todix	2026-04-29 03:13:41 (1 month ago)	WebAttack or semilar from 154.0.167.225	Web App Attack
🇪🇸 masterguru	2026-04-29 02:29:34 (1 month ago)	(PERMBLOCK) 154.0.167.225 (ZA/South Africa/psweb.dedicated.co.za) has had more than 3 temp blocks in ... show more (PERMBLOCK) 154.0.167.225 (ZA/South Africa/psweb.dedicated.co.za) has had more than 3 temp blocks in the last 86400 secs (0-123) show less	Hacking
🇩🇪 Ba-Yu	2026-04-29 02:21:05 (1 month ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 nyt	2026-04-29 02:19:29 (1 month ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 81.30.98.158

🇨🇳 218.13.157.209

🇬🇧 213.166.84.58

🇮🇳 182.95.40.98

🇩🇪 165.227.170.113

🇺🇸 162.216.150.99

🇸🇬 159.223.50.237

🇨🇳 120.55.65.26

🇬🇧 118.193.64.15

🇹🇼 111.70.50.68

🇱🇹 81.30.98.144

🇱🇹 77.90.185.68

🇩🇪 69.5.169.113

🇲🇾 47.254.247.11

🇮🇷 5.202.169.252

🇧🇪 198.235.24.200

🇧🇷 177.202.142.181

🇷🇺 176.120.22.113

🇳🇱 176.65.139.215

🇺🇸 104.28.245.40