JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.12.22.39

154.12.22.39 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	cognetcloud INC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS401696
Domain Name	mytgts.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.12.22.39

Whois 154.12.22.39

IP Abuse Reports for 154.12.22.39:

This IP address has been reported a total of 32 times from 29 distinct sources. 154.12.22.39 was first reported on June 4th 2026, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Squearex	2026-06-09 01:23:33 (21 hours ago)	Automated ban by SCUMUnified Shield. Honeypot Trap Triggered (Decoy Port 3389)	Brute-Force SSH
🇩🇪 kexol	2026-06-09 01:17:22 (22 hours ago)	3389 port scanned	Port Scan
🇱🇹 NotACaptcha	2026-06-07 19:00:03 (2 days ago)	Unauthorised access (Jun 7 22:00) SRC=154.12.22.39 LEN=40 TTL=228 ID=20109 TCP DPT=3389 WINDOW=1024 ... show more Unauthorised access (Jun 7 22:00) SRC=154.12.22.39 LEN=40 TTL=228 ID=20109 TCP DPT=3389 WINDOW=1024 SYN show less	Port Scan
🇳🇵 radheykrishna.com.np	2026-06-06 11:18:58 (3 days ago)	Jun 6 17:03:57 kernel: [4234549.006120] [UFW BLOCK] IN=ens160 OUT= SRC=154.12.22.39 LEN=40 TOS=0x00 ... show more Jun 6 17:03:57 kernel: [4234549.006120] [UFW BLOCK] IN=ens160 OUT= SRC=154.12.22.39 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=60192 PROTO=TCP SPT=59974 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇱🇹 NotACaptcha	2026-06-06 11:14:48 (3 days ago)	Unauthorised access (Jun 6 14:14) SRC=154.12.22.39 LEN=40 TTL=227 ID=10747 TCP DPT=3389 WINDOW=1024 ... show more Unauthorised access (Jun 6 14:14) SRC=154.12.22.39 LEN=40 TTL=227 ID=10747 TCP DPT=3389 WINDOW=1024 SYN show less	Port Scan
🇲🇿 delsio	2026-06-06 10:43:14 (3 days ago)	AS37697 ntopng observed inbound attack; alert=Live Flow High Score; source=154.12.22.39; destination ... show more AS37697 ntopng observed inbound attack; alert=Live Flow High Score; source=154.12.22.39; destination=160.119.113.74; destination_port=3389; score=110; action=bgp_blackhole_and_flowspec_discard; block_duration=18000s; reason=repeated high-score sensitive-port hits=3 dsts=1 port=3389 show less	Port Scan
🇩🇪 Yachiyo Runami	2026-06-06 10:17:16 (3 days ago)	Port Scan on Honeypot \| Ports: 3389/RDP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 241 \| Len: 44B \| Win ... show more Port Scan on Honeypot \| Ports: 3389/RDP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 241 \| Len: 44B \| Win: 1024(1) \| F2B/ufw-honeypot@2026-06-06T10:17:16Z show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-05 21:58:09 (4 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
Anonymous	2026-06-05 09:32:47 (4 days ago)	unsolicited connect TCP dport 3389 (sport 43825)	Hacking
🇬🇧 Nov	2026-06-05 09:07:58 (4 days ago)	Unauthorized RDP access attempt (tcp/3389)	Port Scan
🇩🇪 Da_tschek	2026-06-04 19:01:32 (5 days ago)	Port scanning	Port Scan Hacking
🇺🇸 micropedro	2026-06-04 18:30:05 (5 days ago)	5 incidents: port scanning. First: 2026-06-04 13:41, Last: 2026-06-04 14:30 UTC. Triggers: non-publi ... show more 5 incidents: port scanning. First: 2026-06-04 13:41, Last: 2026-06-04 14:30 UTC. Triggers: non-public-port,port-trap,firewall-tcp,ufw-repeater,recidive. show less	Port Scan Brute-Force
🇫🇮 iamxorum	2026-06-04 18:11:30 (5 days ago)	2026-06-04T18:11:29.516250+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-06-04T18:11:29.516250+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=154.12.22.39 DST=46.62.222.43 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=6820 PROTO=TCP SPT=43556 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 ValtonTahiri	2026-06-04 18:10:35 (5 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=154.12.22.39; proto=TCP; source_port=43556; target_port=3389; flags=SYN show less	Port Scan
🇩🇪 centurion	2026-06-04 17:57:54 (5 days ago)	Blocked by UFW on ns02 [3389/tcp] Source port: 43556 TTL: 237 Packet length: 40 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [3389/tcp] Source port: 43556 TTL: 237 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.178.142

🇫🇷 81.17.98.19

🇺🇸 66.132.172.37

🇬🇧 35.203.211.72

🇮🇹 2.57.170.145

🇰🇷 211.46.177.174

🇩🇪 151.243.11.37

🇫🇷 91.231.89.249

🇧🇪 34.156.86.32

🇰🇷 210.95.176.243

🇷🇴 193.32.162.16

🇫🇷 173.249.52.138

🇩🇪 155.117.127.214

🇺🇸 91.230.168.143

🇺🇸 66.132.172.39

🇺🇸 20.64.104.154

🇲🇽 186.96.145.241

🇨🇳 101.126.135.131

🇸🇬 43.173.177.144

🇺🇸 185.180.141.13