JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.16.105.80

154.16.105.80 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 0%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.16.105.80

Whois 154.16.105.80

IP Abuse Reports for 154.16.105.80:

This IP address has been reported a total of 55 times from 37 distinct sources. 154.16.105.80 was first reported on December 20th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-12 18:17:15 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 14:17:11.984202 2026] [security2:error] [pid 16458:tid 16458] [client 154.16.105.80:22450] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|caralis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "caralis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agNup5i5EBuo7SPqWDoH0QAAAAs"], referer: https://t.co/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 13:20:13 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 09:20:06.351775 2026] [security2:error] [pid 32750:tid 32750] [client 154.16.105.80:25015] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.theabstractpress.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.theabstractpress.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agMpBk0VYeXe9FyfXIbb8wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Mediashaker	2026-03-29 00:37:43 (2 months ago)	(smtpauth) Failed SMTP AUTH login from 154.16.105.80 (US/United States/-)	Brute-Force
🇺🇸 xmission.com	2026-03-28 18:37:42 (2 months ago)	Blocked by UFW (TCP on 51593) Source port: 37433 TTL: 118 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 51593) Source port: 37433 TTL: 118 Packet length: 52 TOS: 0x08 This report (for 154.16.105.80) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-03-27 04:48:02 (2 months ago)	Blocked by UFW (TCP on 51593) Source port: 1936 TTL: 118 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 51593) Source port: 1936 TTL: 118 Packet length: 52 TOS: 0x08 This report (for 154.16.105.80) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇹 VHosting	2026-02-18 22:32:46 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 xmission.com	2025-09-23 14:42:04 (8 months ago)	Blocked by UFW (TCP on 55756) Source port: 63012 TTL: 118 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 55756) Source port: 63012 TTL: 118 Packet length: 52 TOS: 0x08 This report (for 154.16.105.80) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-08-04 15:49:58 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇪🇸 Droprz	2025-07-04 06:00:00 (11 months ago)	HTTP malformed request	Web App Attack
🇫🇷 service Informatique	2024-12-15 04:00:37 (1 year ago)	GET /.env	Web App Attack
🇬🇧 Aetherweb Ark	2024-12-14 09:30:27 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.16.105.80 (US/United States/-): N in the la ... show more (mod_security) mod_security (id:210492) triggered by 154.16.105.80 (US/United States/-): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2024-12-14 02:31:20 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.16.105.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 21:31:16.199295 2024] [security2:error] [pid 12755:tid 12755] [client 154.16.105.80:58791] [client 154.16.105.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ieas.org"] [uri "/.env"] [unique_id "Z1zt9I2VSRgEL62OvTPHuAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-14 02:26:32 (1 year ago)	Probing to gain illegal access	Web App Attack
Anonymous	2024-12-13 23:14:02 (1 year ago)	Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1	Hacking Web App Attack
🇫🇷 tecnicorioja	2024-12-13 23:00:50 (1 year ago)	(Mod_security) [13/Dec/2024:11:06:24.899551	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 89.37.190.161

🇩🇪 69.5.169.154

🇧🇪 34.52.215.235

🇺🇸 3.87.27.156

🇺🇸 216.25.89.110

🇺🇸 205.210.31.17

🇳🇱 195.178.110.103

🇫🇮 193.25.216.201

🇦🇷 190.183.202.197

🇩🇪 144.76.32.190

🇺🇸 96.126.117.80

🇩🇪 69.5.169.240

🇺🇸 45.33.100.49

🇺🇸 23.87.111.23

🇿🇦 197.185.157.158

🇫🇷 185.177.72.205

🇫🇷 185.177.72.69

🇫🇷 185.177.72.52

🇻🇪 181.208.115.39

🇨🇳 110.249.201.21