JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.208.48.22

154.208.48.22 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 12%: ?

12%

ISP	IN CABLE INTERNET PRIVATE LIMITED
Usage Type	Fixed Line ISP
ASN	AS150750
Domain Name	incableinternet.com
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.208.48.22

Whois 154.208.48.22

IP Abuse Reports for 154.208.48.22:

This IP address has been reported a total of 19 times from 12 distinct sources. 154.208.48.22 was first reported on September 8th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-13 14:34:27 (3 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇨🇭 ALPHANET	2026-05-27 04:15:08 (2 weeks ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇺🇸 TPI-Abuse	2026-03-15 12:14:57 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 154.208.48.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.208.48.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 08:14:52.971716 2026] [security2:error] [pid 30446:tid 30446] [client 154.208.48.22:51288] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|batw.net\|F\|2"] [data ".borzois.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "batw.net"] [uri "/borzois.com/silkenswift/www.borzois.com"] [unique_id "abaivPf1ajH7JW2xRRi2mQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 _ArminS_	2026-03-06 06:30:11 (3 months ago)	SP-Scan 54516:1433 detected 2026.03.06 07:30:11 blocked until 2026.04.25 01:32:58	Port Scan
Anonymous	2026-03-06 05:18:53 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-02-10 09:44:21 (4 months ago)	2026-02-10 09:44:21 UTC Unauthorized activity to TCP port 1433. SQL	Port Scan
Anonymous	2026-02-10 09:43:28 (4 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 exxos	2025-08-08 18:07:26 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-08-04 05:10:01 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-28 04:21:22 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-28 02:19:23 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-27 23:50:13 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇪🇸 Global Cyber Police	2025-07-27 17:45:45 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇳🇱 exxos	2025-07-24 17:52:16 (10 months ago)	HTTP1.x attacks	DDoS Attack
Anonymous	2025-07-24 15:08:45 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.195.191.26

🇮🇳 182.95.42.130

🇵🇰 153.117.9.207

🇨🇳 118.121.203.170

🇳🇱 45.153.34.71

🇺🇸 38.34.172.153

🇬🇧 2a06:4880:8000::b0

🇮🇩 203.83.40.83

🇭🇰 181.215.6.135

🇻🇪 181.208.115.178

🇸🇦 176.16.77.167

🇺🇸 172.202.118.10

🇺🇸 172.68.175.101

🇺🇸 147.185.132.92

🇺🇸 137.184.222.166

🇨🇳 120.48.99.18

🇮🇩 112.215.140.191

🇨🇳 106.59.227.79

🇫🇷 98.66.233.228

🇷🇺 93.120.208.59