JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.29.233.141

154.29.233.141 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Aventice LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46261
Domain Name	aventice.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.29.233.141

Whois 154.29.233.141

IP Abuse Reports for 154.29.233.141:

This IP address has been reported a total of 7 times from 2 distinct sources. 154.29.233.141 was first reported on January 26th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 05:39:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:39:12.303006 2026] [security2:error] [pid 31652:tid 31652] [client 154.29.233.141:36199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.original"] [unique_id "aWsggEuodnj4wQU8zjDLAwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:04:46 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:04:35.940735 2025] [security2:error] [pid 22842:tid 23016] [client 154.29.233.141:46569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/example.htaccess"] [unique_id "aVLQw1KoonkfA7MmLZcLpwAAAQ4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 10:44:58 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 05:44:54.300066 2025] [security2:error] [pid 21257:tid 21271] [client 154.29.233.141:40993] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/debug.cgi"] [unique_id "aSrOplDVLKxLoGo9zLaUSAAAAUU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 03:05:09 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 23:05:07.191044 2025] [security2:error] [pid 872115:tid 872200] [client 154.29.233.141:40327] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|autoconfig.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.net"] [uri "/cgi-bin/test-cgi"] [unique_id "aIWXYwvyH8oDfA8BX4UQSgAAAhE"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 21:30:09 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 17:29:57.886439 2025] [security2:error] [pid 3553351:tid 3553351] [client 154.29.233.141:45999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/sftp-config.json"] [unique_id "aDjR1RucTyrhZVB2_JN9agAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:50:08 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 154.29.233.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:50:02.741445 2025] [security2:error] [pid 27061:tid 27161] [client 154.29.233.141:34727] [client 154.29.233.141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/wp-config.php-backup"] [unique_id "Z8B7mh0YO9vnfm9-bP1G7AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-26 11:00:19 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.104.79.191

🇺🇸 207.90.244.21

🇺🇸 207.90.244.10

🇦🇫 203.171.106.171

🇰🇿 145.255.160.126

🇺🇸 137.184.228.138

🇰🇿 93.157.177.202

🇰🇿 89.40.192.79

🇺🇿 188.113.246.152

🇳🇱 185.224.128.16

🇰🇿 176.64.5.135

🇺🇸 162.216.150.79

🇩🇪 130.12.181.106

🇨🇳 117.44.84.110

🇨🇳 113.3.150.145

🇧🇩 103.166.59.150

🇵🇰 103.82.121.231

🇰🇿 92.55.172.82

🇪🇸 87.124.179.178

🇰🇿 85.193.115.216