JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.12.55.234

154.12.55.234 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 41%: ?

41%

ISP	NetLab Global
Usage Type	Commercial
ASN	AS979
Domain Name	as979.net
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.12.55.234

Whois 154.12.55.234

IP Abuse Reports for 154.12.55.234:

This IP address has been reported a total of 14 times from 12 distinct sources. 154.12.55.234 was first reported on February 19th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 tjs	2026-06-03 06:25:00 (3 weeks ago)	web attack, shell attempt	Hacking Web App Attack
🇹🇭 Sawasdee	2026-06-02 13:06:04 (3 weeks ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇨🇭 amaco	2026-06-02 12:53:39 (3 weeks ago)	SSH brute-force attempt from 154.12.55.234.	Port Scan Brute-Force SSH
🇬🇧 PeravixGroup	2026-06-02 12:47:34 (3 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇨🇿 lp	2026-06-02 12:18:57 (3 weeks ago)	SSH Brute force: 10 attempts were recorded from 154.12.55.234 2026-06-02T14:07:45+02:00 Invalid user ... show more SSH Brute force: 10 attempts were recorded from 154.12.55.234 2026-06-02T14:07:45+02:00 Invalid user admin from 154.12.55.234 port 41130 2026-06-02T14:08:17+02:00 Invalid user orangepi from 154.12.55.234 port 48292 2026-06-02T14:08:51+02:00 Connection closed by authenticating user root 154.12.55.234 port 55092 [preauth] 2026-06-02T14:09:24+02:00 Connection closed by authenticating user root 154.12.55.234 port 32910 [preauth] 2026-06-02T14:09:56+02:00 Connection closed by authenticating user root 154.12.55.234 port 35902 [preauth] 2026-06-02T14:10:28+02:00 Connection closed by authenticating user root 154.12.55.234 port 34068 [preauth] 2026-06-02T14:11:00+02:00 Connection closed by authenticating user root 154.12.55.234 port 40730 [preauth] 2026-06-02T14:12:00+02:00 Connection closed by authenticating user root 154.12.55.234 port 55352 [preauth] 2026-06-02T14:12:34+02:00 Invalid user test show less	Brute-Force SSH
🇺🇸 itsnixk	2026-06-02 12:15:20 (3 weeks ago)	(mod_security) mod_security (id:920350) triggered by 154.12.55.234 (US/United States/-): 1 in the la ... show more (mod_security) mod_security (id:920350) triggered by 154.12.55.234 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 02 08:15:15.093923 2026] [security2:error] [pid 1251805:tid 1252270] [client 154.12.55.234:43440] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "774"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh"] [unique_id "ah7JU-zdkHKfsZe2AC2yCAAAAFU"] show less	Port Scan
🇩🇪 Tamsy	2026-06-02 11:52:43 (3 weeks ago)	HTTPD - Buffer overflow attack	Web App Attack
Anonymous	2026-06-02 11:52:39 (3 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 mateisr	2026-06-02 11:35:29 (3 weeks ago)	Fail2Ban - SSHD brute-force SSH server ...	Brute-Force SSH
Anonymous	2026-06-02 11:34:17 (3 weeks ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇹🇼 kk_it_man	2026-06-02 11:23:02 (3 weeks ago)	ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 ET EXPLOIT Apache HTTP ... show more ET EXPLOIT Apache HTTP Server - Path Traversal Attempt (CVE-2021-42013) M2 ET EXPLOIT Apache HTTP Server 2.4.49 - Path Traversal Attempt (CVE-2021-41773) M2 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt ET WEB_SERVER Generic PHP Remote File Include ET WEB_SERVER PHP tags in HTTP POST ET WEB_SERVER PHP.//Input in HTTP POST ET WEB_SERVER Possible SQL Injection (exec) in HTTP Request Body ET WEB_SERVER allow_url_include PHP config option in uri ET WEB_SERVER auto_prepend_file PHP config option in uri ET WEB_SPECIFIC_APPS PHP-CGI OS Command Injection (soft hyphen) (CVE-2024-4577) show less	Port Scan
Anonymous	2026-06-02 11:17:11 (3 weeks ago)	2026-06-02T11:12:59.013558+00:00 de-fra2-matrix1 sshd[2864333]: Invalid user admin from 154.12.55.23 ... show more 2026-06-02T11:12:59.013558+00:00 de-fra2-matrix1 sshd[2864333]: Invalid user admin from 154.12.55.234 port 42722 2026-06-02T11:13:30.337870+00:00 de-fra2-matrix1 sshd[2864340]: Invalid user orangepi from 154.12.55.234 port 54544 2026-06-02T11:17:10.536542+00:00 de-fra2-matrix1 sshd[2864376]: Invalid user test from 154.12.55.234 port 58998 ... show less	Brute-Force SSH
Anonymous	2023-03-04 08:45:32 (3 years ago)		DNS Compromise DDoS Attack
Anonymous	2023-02-19 05:11:13 (3 years ago)		DNS Compromise DDoS Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 210.169.192.47

🇧🇪 198.235.24.166

🇺🇸 198.46.131.42

🇱🇹 62.60.130.219

🇸🇬 43.160.249.98

🇬🇧 35.203.211.104

🇬🇧 35.203.210.15

🇺🇸 216.126.239.78

🇳🇱 195.178.110.188

🇳🇱 185.223.235.37

🇳🇱 160.119.71.136

🇨🇳 123.190.18.5

🇨🇳 116.179.32.26

🇸🇪 82.118.29.237

🇺🇸 69.5.97.41

🇺🇸 66.132.195.117

🇨🇳 60.205.223.197

🇬🇧 35.203.211.118

🇺🇸 216.25.89.71

🇦🇷 181.23.87.149