JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.26.132.116

154.26.132.116 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 100%: ?

100%

ISP	Cogent Communications, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141995
Hostname(s)	vmi1294993.contaboserver.net
Domain Name	cogentco.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.26.132.116

Whois 154.26.132.116

IP Abuse Reports for 154.26.132.116:

This IP address has been reported a total of 127 times from 56 distinct sources. 154.26.132.116 was first reported on March 10th 2024, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-03 21:21:34 (22 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇬🇧 spamverify.com	2026-06-03 20:52:37 (22 hours ago)	Honeypot Hit: xmlrpc.php	Web Spam Blog Spam Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-03 20:30:03 (23 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 Martin Lundstrom	2026-06-03 19:25:36 (1 day ago)	https://www.eagleeye-intelligence.com — WordPress attack. Automatically detected and blocked.	Web App Attack
🇺🇸 lostswordfish.com	2026-06-03 18:56:04 (1 day ago)	Wordfence waf block on registrymatters	Web App Attack
🇲🇹 Malta	2026-06-03 18:01:53 (1 day ago)	154.26.132.116 - - [03/Jun/2026:20:01:53 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT ... show more 154.26.132.116 - - [03/Jun/2026:20:01:53 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 spamverify.com	2026-06-03 15:37:31 (1 day ago)	Honeypot Hit: WordPress Users	Web Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-03 14:43:32 (1 day ago)	(modsec_5040) ModSec 5040: API Basic Auth blocked from 154.26.132.116 (SG/Singapore/vmi1294993.conta ... show more (modsec_5040) ModSec 5040: API Basic Auth blocked from 154.26.132.116 (SG/Singapore/vmi1294993.contaboserver.net): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 LRob.fr	2026-06-02 19:30:08 (2 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
Anonymous	2026-06-02 18:30:15 (2 days ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇩🇪 FeG Deutschland	2026-06-02 16:22:43 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇪🇸 el-brujo	2026-06-02 15:58:41 (2 days ago)	Cloudflare WAF: Request Path: /ddos/ Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /ddos/ Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 6.2; rv:41.0) Gecko/20211112 Firefox/41.0 Action: block Source: l7ddos ASN Description: Contabo Asia Private Limited Country: SG Method: GET Timestamp: 2026-06-02T15:58:41Z ruleId: 6e3ccc23900c428e8ec0fb8a3a679c52. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇦 1gz	2026-06-02 15:15:38 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /wp-json/wp/v2/users/me UA: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 CollideTech	2026-06-02 14:50:26 (2 days ago)	probing for vulnerabilities	Web App Attack
🇺🇸 cwytech	2026-06-02 13:16:30 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.76.58.4

🇳🇱 81.19.216.83

🇺🇸 5.78.205.169

🇧🇷 205.210.31.176

🇨🇴 179.32.33.161

🇺🇸 167.71.105.12

🇮🇳 143.244.141.168

🇷🇺 95.165.226.98

🇫🇷 92.94.157.76

🇩🇪 69.5.169.155

🇷🇺 45.74.3.86

🇺🇸 45.58.52.25

🇧🇷 38.191.154.254

🇬🇧 35.203.210.220

🇺🇸 34.83.234.152

🇪🇸 196.196.150.124

🇺🇸 162.216.150.74

🇺🇸 135.119.112.180

🇭🇰 101.36.122.139

🇩🇪 69.5.169.143