AbuseIPDB » 154.160.2.92
154.160.2.92 was found in our database!
This IP was reported 7 times. Confidence of
Abuse
is 16% : ?
ISP
AS_MOBILE
Usage Type
Mobile ISP
ASN
AS30986
Hostname(s)
dyn-as-mobile-154-160-2-92.mtn.com.gh
Domain Name
mtn.com.gh
Country
๐ฌ๐ญ
Ghana
City
Accra, Greater Accra
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 154.160.2.92 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
154.160.2.92 was first reported on
April 23rd 2023 , and the most recent report was
21 hours ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
pltcldvlpr
2026-07-06 05:07:51
(21 hours ago)
Bogus Useragent: 154.160.2.92 - - [06/Jul/2026:07:07:50 +0200] "GET /protocol?id=st_6_98¶graph=1 ...
show more
Bogus Useragent: 154.160.2.92 - - [06/Jul/2026:07:07:50 +0200] "GET /protocol?id=st_6_98¶graph=14684215&seq=2058 HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows; U; Windows 98; Win 9x 4.90) AppleWebKit/533.11.7 (KHTML, like Gecko) Version/5.0.4 Safari/533.11.7" asn=30986 org="Scancom Ltd." country=GH
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-10 02:05:06
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 154.160.2.92 (dyn-as-mobile-154-160-2-92.mtn.co ...
show more
(mod_security) mod_security (id:240335) triggered by 154.160.2.92 (dyn-as-mobile-154-160-2-92.mtn.com.gh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:04:57.462248 2026] [security2:error] [pid 7520:tid 7520] [client 154.160.2.92:34985] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.160.2.92 (+1 hits since last alert)|geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geriterry.com"] [uri "/xmlrpc.php"] [unique_id "aijGSZRZFDPcrvSFCbpQyQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-05-07 10:49:19
(1 month ago)
Blocked by UFW (TCP on 37603)
Source port: 48077
TTL: 102
Packet length: 52
TOS: 0x08
This report ( ...
show more
Blocked by UFW (TCP on 37603)
Source port: 48077
TTL: 102
Packet length: 52
TOS: 0x08
This report (for 154.160.2.92) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ฆ
URAN Publishing Service
2024-01-04 02:11:19
(2 years ago)
154.160.2.92 - - [04/Jan/2024:04:11:16 +0200] "GET /wp-login.php HTTP/1.1" 404 4781 "-" "Mozilla/5.0 ...
show more
154.160.2.92 - - [04/Jan/2024:04:11:16 +0200] "GET /wp-login.php HTTP/1.1" 404 4781 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
154.160.2.92 - - [04/Jan/2024:04:11:17 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
...
show less
Web App Attack
๐ต๐น
Subnet Shadow Specter
2023-05-05 09:15:20
(3 years ago)
Trolling for resource vulnerabilities. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; ...
show more
Trolling for resource vulnerabilities. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko. Auto blocked and Banned.
show less
DDoS Attack
VPN IP
Port Scan
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฟ๐ฆ
Birdflew
2023-04-23 11:28:42
(3 years ago)
Port scanning
Hacking
๐ฟ๐ฆ
Birdflew
2023-04-23 11:28:42
(3 years ago)
Failed IMAP login
Brute-Force
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: